With the Winter Olympics set to commence in a few weeks from now, cyber criminals may target global fans, consumers, athletes and organizations with Winter Games-themed phishing attacks before and during the games, McAfee Advanced Threat Research has warned.
Cyber criminals may target fans, athletes and organisations before and during the Winter Olympics to steal usernames, passwords and financial information of victims by fooling them with “spoofed” corporate branded email addresses and emails written in native languages.
Back in January, prominent hacker group Fancy Bears announced that it had hacked a database belonging to the International Luge Federation (ILF) and had obtained documents that exposed ‘violations of the principles of fair play’, including widespread TUE approvals, missed anti-doping tests and the double standards approach towards guilty athletes.
Around the same time, the McAfee Advanced Threat Research team also uncovered a stealthy phishing operation that involved hackers sending e-mails directly to email@example.com and including a number of other South Korean organisations in the bcc field, thereby maximising the reach of their campaign.
The hackers made such emails appear as if they were sent by the National Counter-Terrorism Center (NCTC) in South Korea which is responsible for conducting physical security checks, thereby ensuring that virtually all recipients would download the attachments. Attachments in these emails contained PowerShell scripts that allowed hackers to exploits the encrypted channel to execute commands on the victim’s machine and to install additional malware.
Recently, the team also discovered that hackers were running a new campaign dubbed Operation Gold Dragon. Using spoofed emails, they injected a malicious implant named Gold Dragon into victims’ systems, which in turn allowed them to access end-user systems and to collect data stored on the device and connected cloud accounts. This operation put at risk customer and employee financial or personal data as well as Winter Games related details, trade secrets, and more.
Assuming that hackers would up their game as the Winter Olympics approaches, McAfee Advanced Threat Research is now advising organisations, fans, and athletes involved with the Olympics to take several steps to ensure hackers do not access their personal details or financial information.
These steps include ensuring that URL addresses look legitimate as hackers often spoof genuine websites to steal login credentials of unsuspecting users, making sure auto-updates are turned on as a best practice to ensure up-to-date security, visiting websites of providers directly to avoid falling victim to phishing traps, using comprehensive security software to protect devices and information from malware, and using website reputation tools like browser plug-ins that warn users when they visit a potentially malicious site.
‘Global gatherings such as the Olympics that see world leaders, businesses and governmental organisations converge on one location are a naturally attractive target for digital criminal activity. Notably, it is becoming increasingly likely that multiple attempts will be made to obtain sensitive information like passwords.
Even when the stakes are high in situations like this, the international community must ensure that the necessary measures are in place and sufficiently fortified to prevent any data from falling into the wrong hands,’ says Peter Carlisle, VP for EMEA at Thales eSecurity.