Hackers target Pyeongchang Olympics for stealing passwords or financial information purpose

According to foreign media reports on January 8, researchers said hackers have begun targeting PyeongChang Winter Olympics using e-mail messages infected with malicious software in order to steal passwords or financial information.

According to an AFP report on January 6, McAfee Network Security said in a report that several organizations related to the Olympic Winter Games have received malicious emails, the main objective of which is to identify some groups related to ice hockey. “Most of these organizations have some sort of relationship with the Olympic Winter Games, either in terms of providing infrastructure or playing a supporting role, and attackers appear to have taken the web too heavily in this attack.”

The report said that as early as December 22 last year, the attacks began and the e-mails used “impersonation” to make it appear to originate from the national anti-terrorism center in South Korea because the center was conducting anti-terrorism exercises to prepare for the Winter Olympics.

McAfee said the e-mail was actually from a website in Singapore instructing readers to open a Korean text file. According to the report, the title of the document is “jointly organized by the Ministry of Agriculture and Forestry and the Pyeongchang Winter Olympics.”

In some cases, malware is hidden in the text and then displayed in an image – a technique known as “steganography.” McAfee Corp. said: “Based on our analysis, this implant establishes an encrypted channel to the attacker’s server, likely giving the attacker the ability to execute commands on the victim’s machine and to install additional malware.”

McAfee said: “With the upcoming Olympics, we expect to see an increase in cyber attacks using Olympics-related themes. In similar past cases, the victims were targeted for their passwords and financial information.”

Referecence: AFP