– Analyze the source code of the URL and completely block it with double verification up to web search.
-Continuously update the list of malicious URLs to efficiently respond to the latest threats
– Obtain SMS access rights and receive technical certification from Google
– Block all malicious URLs with just installation
■ Evolving financial fraud and damage
Malicious URL sending attacks are becoming more diverse. These include scam calls and smishing that attack by installing malicious apps or connecting to phishing sites, mobile ransomware that encrypts stored documents and files and demands money in exchange for recovery, spam emails that execute untrusted attachments or infect them with malware, and personal information leaks that leak important personal information and internal confidential information to the outside. The commonality of these attacks is that they are carried out through malicious URLs. URLs are becoming a key route for cyber attacks, such as stealing card information from fake shopping malls or inducing installation of malicious apps by disguising them as obituary messages.
Pilsang is providing a service called 'Ssakdajab-a' that detects and catches not only known malicious URLs but also new types of malicious URLs in real time. We met with CEO Kang Pilsang to hear about 'Ssakdajab-a', an AI-based real-time malicious URL blocking solution.
■ Analyze the source code of the URL and comprehensively judge the web search results
“The police only try to catch malicious apps, not URLs or links. The financial sector and telecommunications companies only provide guidance such as ‘Be careful of this type of fraud.’ However, the real problem is the URL.”
Representative Kang pointed out that existing security technologies have a problem in blocking new malicious URLs. This is because they detect based on blacklists. For example, if you are a victim of a phishing attack, the victim reports it, analyzes the attack, and then updates the blacklist. This helps block the next victim, but it means that the treatment is done after the attack has already occurred and the damage has been done. This means that if the malicious URL is updated faster than the blacklist update, you will be completely affected.
Pilsang presented an innovative solution called real-time malicious URL detection using AI. The 'links' we click on on a daily basis are essentially all URLs, which are becoming the main channels for cyber attacks. URLs are the core of the request and response system, which is the basic operating principle of the web. When a user requests information through a URL, the web server sends the information, and the web browser displays it in a nice way. Links are merely an interface that allows convenient access to these URLs.
The problem lies in the nature of URLs. Even if just one letter is changed, it can lead to completely different information on a completely different server. Cyber attackers exploit this characteristic to create an infinite number of fake URLs that are difficult to distinguish from the real ones. They change their methods every day and threaten users in various ways, such as impersonating credit card companies, operating fake shopping malls, impersonating the police, and even inducing users to install malicious apps disguised as news of an acquaintance's death.
Pilsang uses AI technology to detect new malicious URLs that are not already on the blacklist. Before a phishing attack is attempted, it proactively analyzes the source code of the URL site to determine its authenticity. During the source code analysis process, it identifies various risk factors such as codes that induce malicious app downloads, duplicate link patterns, and unique structural features of phishing sites. Even more noteworthy is the double verification system. Even URLs that are determined to be normal through source code analysis undergo additional verification. The URL is searched on the web to collect extensive related information such as fraudulent site report history and damage cases, and the AI comprehensively analyzes this to assess the risk level. Through this double verification system, it can effectively detect new types of phishing sites that are continuously evolving.
If the URL is judged to be malicious, it is immediately registered in the list to protect other users. If someone attempts to access a URL registered in this way, it is immediately blocked to prevent damage. What is particularly noteworthy is that this list is updated in real time. Malicious URLs that are no longer active are automatically deleted, and whether or not to be listed on the list is determined based on the frequency of access attempts to the URL. URLs that are continuously detected for access attempts are kept in the list, but URLs that are not attempted for access are automatically removed, so that the latest threats are always efficiently responded to.
'Ssakdajab-a' currently has 300,000 users, and they analyze an average of 500,000 URLs per day. Of these, 150,000 are identified as malicious URLs and automatically blocked, proving the effectiveness of the service. A notable feature is its thorough personal information protection system. All data processing is done within the user's personal device, so the risk of personal information leakage is blocked at the source.
■ Technology certified by Google
Pilsang was officially recognized for its technological prowess in early 2023 when it obtained SMS access rights from Google. This is a major achievement since Google completely restricted SMS reading rights for general apps in 2019 to strengthen privacy protection. In order to obtain SMS access rights from Google, the app must pass a rigorous two-month verification process that proves the app's security, legitimacy of its intended use (e.g., spam prevention), and its ability to protect personal information. Currently, only two listed security companies and the National Police Agency have this authority in Korea, and Pilsang is the only startup. Based on this achievement, Pilsang plans to further expand its service area by releasing an iOS version in May of this year.
■ “Just leave it on”
'Ssakdajab-a' offers core security features for free, and for a subscription fee of 3,960 won per month, you can use advanced features such as ad removal, family phishing alerts, messenger replies, and phishing reports.
The biggest feature of this app is its user-friendliness. After installation, it automatically runs in the background and checks all URLs received via text and messenger in real time. It detects malicious URLs in advance and warns you before clicking, and you can check the safety of all apps installed on your phone as well as the risks of links and QR codes in advance.
“We live in an era where we do everything with our smartphones, from finance to shopping to work. The importance of security has grown, but it doesn’t have to be complicated. All you have to do is install it.” As CEO Kang Pil-sang said, ‘Ssakdajab-a’ presents an innovative solution that simply and effectively solves complex security issues.
■ Expansion into public and financial markets
In the cyber attack response enhancement project with Korea Electric Power Corporation, Pilsang has detected 40 new malicious URLs that were not found by existing security solutions. Based on this achievement, it has signed an MOU with Woori Bank and Hana Bank and is conducting a PoC (Proof of Concept) project, accelerating its entry into the financial sector. In particular, the financial sector is preparing a service linked to FDS (Fraud Detection System). Through this, if a customer has a history of accessing a malicious URL, FDS will detect this as a risk signal and implement enhanced security measures.
The 'Braum' solution for corporate customers is provided in SDK form, which allows easy integration with existing corporate apps or systems. In addition, it provides a control system that enables real-time security status monitoring, greatly increasing the efficiency of corporate security management.
■ An essential app for daily life safety
We are also making full-fledged forays into the global market. We are steadily preparing to conquer the Southeast Asian market, such as registering a patent in Singapore and promoting cooperation with the National Startup Support Center of the Ministry of Science and Technology of Vietnam. In particular, we are consolidating the foundation for market entry in Singapore, a country with advanced cybersecurity, by signing MOUs with local companies.
In terms of technology, we are focusing on developing more advanced security solutions. By introducing edge computing technology and enhancing the on-device AI processing system, we will be able to target developing countries with many low-spec smartphones. In addition, we are continuously developing AI models to respond to cyber threats that are becoming more intelligent due to the advancement of generative AI.
Pilsang has achieved remarkable results since 2024. It has succeeded in attracting 2 billion won in investment and being selected for Deep Tech Tips, and has also been selected for the 'AI Startup Accelerator 2nd' program jointly operated by SK Telecom and Hana Bank. It plans to accelerate growth by attracting additional investment starting with the launch of the iOS version.
CEO Kang Pil-sang, who has 18 years of programming experience and security expertise, founded Pil-sang after serving as the head of the AI model team at SecureLayer, and Director Park Sang-min, who is from LG Electronics, is in charge of marketing and CX. Pil-sang's ultimate goal is to go beyond a simple security solution company and establish itself as an 'essential app for daily safety' that helps all users live safely in the digital world.
You must be logged in to post a comment.