Olympic Destroyer Moves from Pyeongchang to Europe and Russia

Olympic Destroyer, the threat actor that targeted the 2018 Winter Olympics in Pyeongchang, South Korea, has launched new attacks against organizations from Russia, Ukraine and several other European countries. To sabotage the 2018 Winter Olympics comp…

Russian-linked group tied to Winter Olympics attack is now targeting biochemical researchers

A wave of sophisticated spear-phishing emails captured by Moscow-based Kaspersky Lab suggests that the same Russian-linked hacking group responsible for a historic cyberattack on the 2018 Winter Olympics is now targeting biochemical research and domestic financial organizations. Dubbed the “Sandworm Group” by security analysts, the attackers gained notoriety earlier this year when a destructive hacking tool aimed at the IT network attached to the Winter Olympics caught the attention of multiple intelligence agencies. That tool, known as “Olympic Destroyer,” allowed malware to spread within multiple confined IT environments, quickly deleting boot records and other forensic artifacts while simultaneously siphoning off sensitive user credentials. CyberScoop previously reported that Sandworm had hacked into the 2018 Olympic Games’ primary IT provider, Atos, months before the event began. One related phishing email that uses a booby-trapped Microsoft Word document explicitly mentions a biochemical threat research conference held in Switzerland, which is organized by Spiez Laboratory. […]

The post Russian-linked group tied to Winter Olympics attack is now targeting biochemical researchers appeared first on Cyberscoop.

Beware! 2018 “Olympic Destroyer” Worm and Its Hackers are Still Active

News has recently broken that the same hacking group detected spreading the malware known as “Olympic Destroyer” is still active and targeting different threat prevention facilities all over Europe and financial facil…

Hackers Who Hit Winter Olympics 2018 Are Still Alive and Kicking

Remember the ‘Olympic Destroyer’ cyber attack?

The group behind it is still alive and kicking, and has now been found targeting biological and chemical threat prevention laboratories in Europe and Ukraine, and a few financial organisations in Russia.

Earl…

Olympic Destroyer is still alive

In May-June 2018 we discovered new spear-phishing documents that closely resembled weaponized documents used by Olympic Destroyer in the past. This and other TTPs led us to believe that we were looking at the same actor again. However, this time the attacker has new targets.

Secrets of the Wiper: Inside the World’s Most Destructive Malware

The actors behind this kind of code, whether they’re bent on sending a political message or simply wanting to cover their tracks after data exfiltration, have adopted various techniques to carry out those activities.

Weekly Cyber Risk Roundup: Olympic Malware and Russian Cybercrime

More information was revealed this week about the Olympic Destroyer malware and how it was used to disrupt the availability of the Pyeongchang Olympics’ official website for a 12-hour period earlier this month. It appears that back in December, a …