[Alpha Biz= Paul Lee] South Korean police have launched a preliminary investigation into the hacking of seller accounts operated by AliExpress Korea, a Chinese e-commerce platform.
The Incheon Metropolitan Police Agency’s Cybercrime Investigation Unit said on January 26 that it has begun an internal probe into the incident involving AliExpress.
Although no formal complaints or charges have been filed, police decided to initiate the probe after reviewing media reports on the case.
According to a cyber incident report obtained by Rep. Lee Hae-min of the Rebuilding Korea Party from the Korea Internet & Security Agency (KISA), seller account information on AliExpress was hacked in October last year, resulting in unpaid settlement funds totaling KRW 8.6 billion.
Investigations found that the hacker exploited vulnerabilities in the one-time password (OTP) system used for business account password recovery. Using this method, the attacker reset passwords for 107 business accounts and changed the settlement bank account information for 83 of them to accounts under the hacker’s control.
AliExpress reported that it has paid all outstanding settlement amounts to affected sellers, including additional interest for delayed payments, and stated that sellers incurred no financial losses as a result of the incident.
알파경제 Paul Lee 특파원(hoondork1977@alphabiz.co.kr)
