ZATAZ » Chinese Hacker Arrested for Targeting BTS and Other Celebrities

A Chinese hacker, extradited from Thailand, is accused of orchestrating a large-scale cyberattack targeting BTS’s Jungkook and other South Korean celebrities by exploiting telecom authentication loopholes.

South Korean police have arrested a Chinese national suspected of running a hacking network that targeted celebrities, including Jungkook from BTS. The scheme allegedly compromised the data of hundreds of victims, enabling thefts estimated at nearly 39 billion won (≈ €27.2M). Hackers used fake mobile accounts to gain access to bank portfolios, securities, and cryptocurrency assets. Thanks to cooperation between Interpol, Thai police, and South Korean authorities, the suspect was extradited and charged in Seoul. The case highlights the fragility of remote authentication systems exploited by transnational cybercrime.

A Fraud Targeting South Korea’s Elite

The arrest of Jeon, 34, marks a turning point in an investigation spanning multiple jurisdictions. According to police, he ran a hacking group from abroad between summer 2023 and early 2024. Their objective: infiltrate major South Korean telecom companies to collect sensitive personal data. These details were then used to create fake mobile accounts, critical for bypassing remote authentication processes.

Within months, the network targeted 258 individuals. Among them were 12 celebrities, several business executives, athletes, and crypto investors. The most high-profile case involved BTS member Jungkook. Hackers attempted to liquidate his HYBE shares worth 8.4 billion won (≈ €5.9M). The attempt was stopped just in time when the brokerage froze the transfer.

Total damages are estimated at 39 billion won (≈ €27.2M). Only part was recovered: about 12.8 billion won (≈ €8.9M) was seized through rapid account freezes. Investigators say another 25 billion won (≈ €17.4M) in assets were protected at the last moment.

The scheme relied on the creation of 118 fraudulent phone lines under the names of 89 victims. These lines bypassed contactless ID systems. Once access was gained, hackers tried to drain bank accounts or transfer cryptocurrency. Authorities believe targets were chosen among wealthy profiles, seen as less likely to immediately notice anomalies.

Cross-Border Police Cooperation

Dismantling the network required international coordination. Jeon and other suspects were arrested in Bangkok in May 2025 during a joint Thai police–Interpol mission. On August 22, Jeon was extradited to Seoul, where he was charged with hacking, financial fraud, and identity theft.

The arrest underscores the weaknesses of security systems based solely on digital identification data. Telecom platform breaches demonstrate the strategic value of these infrastructures, which concentrate access to banking services and digital assets. By exploiting these weak points, cybercriminals turn protective systems into entry doors.

In a separate case in late August, Thai cyber police arrested a 33-year-old South Korean man at Bangkok airport, accused of laundering cryptocurrency into gold bars for international fraud networks. The suspect denied the charges but told police he had studied in China for six years before returning to South Korea to work for a firm that converted digital assets into gold. The criminal scheme began in February 2024, when victims were recruited for social media “engagement jobs,” supposedly earning money by liking posts and boosting follower counts. They were later persuaded to join “special activities” requiring upfront investment with promised returns of 30–50%.

Initially, scammers provided payouts to build trust, but when victims invested larger sums, they were blocked from withdrawing funds. Complaints led to a Cyber Crime Suppression Division probe, resulting in 10 arrests: five money launderers and five “mule” account holders. Further investigation identified Han as a key laundering operator. Each operation involved converting crypto worth at least 10 kg of gold (≈ $1M). Blockchain analysis revealed that between January and March 2024 alone, Han received about 47.3 million USDT, allegedly laundered into gold for the fraud ring.

A Chinese hacker extradited to South Korea is accused of targeting BTS’s Jungkook and 257 others through a sophisticated telecom fraud scheme. [ZATAZ News English version]