Olympic Destroyer: A False Flag Confusion Bomb
Researchers say the case of Olympic Destroyer malware show how threat actors can manipulate “geopolitical agenda” with false flags. Continue reading Olympic Destroyer: A False Flag Confusion Bomb
Collaborate Disseminate
Researchers say the case of Olympic Destroyer malware show how threat actors can manipulate “geopolitical agenda” with false flags. Continue reading Olympic Destroyer: A False Flag Confusion Bomb
The recent attack on the Winter Olympic Games has served as a reminder of an information security fundamental: attribution is hard. Especially when that attribution results in different companies pointing fingers at different foreign groups, potentially leading to geopolitical repercussions. Case in point: Hackers reportedly acting on behalf of the Russian government were recently posited as the group behind a unique computer virus that disrupted the opening ceremony of the 2018 Winter Olympics, according to The Washington Post. Prior to the Olympics, cybersecurity firms McAfee and ThreatConnect found some evidence that a mysterious collage of hackers were targeting the Olympics by breaching related, third-party organizations that were connected to the event. CyberScoop also reported that the Olympic’s primary IT provider, Atos, was likely hacked months before the opening ceremony disruption. Dubbed “Olympic Destroyer” by security researchers, the malware was littered with code fragments tied to past, known breaches caused by at least […]
The post Winter Olympics hack shows how advanced groups can fake attribution appeared first on Cyberscoop.
Continue reading Winter Olympics hack shows how advanced groups can fake attribution
McAfee has discovered malware that serves as the second stage payload in a phishing campaigntargeting organizations surrounding the 2018 Winter Olympics. In a post published Friday, McAfee’s Advanced Threat Research team details the discovery and analysis of implants that surface on phishing targets’ systems once an initial PowerShell backdoor is installed. The report is an update on the phishing campaign they previously discovered that aimed to establish backdoors when a phishing victim opens a Microsoft Word document attachment. McAfee is calling the implants GoldDragon, Brave Prince, Ghost419 and RunningRat. The company says that once the initial backdoor is installed, these new implants establish a permanent presence that siphon information from the victim’s computer. The Gold Dragon implant allows for the downloading of subsequent malware payloads. Brave Prince and Ghost419 can collect content from the victim’s hard drive as well as detailed information about the computer. RunningRat is a remote access […]
The post McAfee uncovers new malware in Olympics hacking campaign appeared first on Cyberscoop.
Continue reading McAfee uncovers new malware in Olympics hacking campaign
McAfee has discovered malware that serves as the second stage payload in a phishing campaigntargeting organizations surrounding the 2018 Winter Olympics. In a post published Friday, McAfee’s Advanced Threat Research team details the discovery and analysis of implants that surface on phishing targets’ systems once an initial PowerShell backdoor is installed. The report is an update on the phishing campaign they previously discovered that aimed to establish backdoors when a phishing victim opens a Microsoft Word document attachment. McAfee is calling the implants GoldDragon, Brave Prince, Ghost419 and RunningRat. The company says that once the initial backdoor is installed, these new implants establish a permanent presence that siphon information from the victim’s computer. The Gold Dragon implant allows for the downloading of subsequent malware payloads. Brave Prince and Ghost419 can collect content from the victim’s hard drive as well as detailed information about the computer. RunningRat is a remote access […]
The post McAfee uncovers new malware in Olympics hacking campaign appeared first on Cyberscoop.
Continue reading McAfee uncovers new malware in Olympics hacking campaign
A hacking group with suspected Russian links published allegedly leaked emails from the International Olympic Committee (IOC) and the World Anti-Doping Agency (WADA) on Wednesday, less than a month before the 2018 Winter Olympics begin in Pyeongchang, South Korea. The group, known as “Fancy Bear,” posted conspiracy theory-laced, Illuminati-themed, heavily doctored pictures of Olympic officials Wednesday with text teasing a new release. A few hours later, the group posted a link to a website and leaked email archives with the title “#WADA vs. #IOC: Fight for Clean Sport or Fight for Power?” A lengthy blog post accused “Anglo-Saxon” nations including the United States of fighting for “power and cash in the sports world” but doing so “on the pretext of defending clean sport.” The group, also known as APT28, is best known as being credited with breaching the the Democratic National Committee and Hillary for America campaign in 2016, as well as propaganda tied to other Olympic athletes […]
The post ‘Anglo-Saxon Illuminati’ responsible for Olympic doping controversy, according to Fancy Bear appeared first on Cyberscoop.
Hackers targeted the upcoming 2018 Winter Olympics in a campaign that had all the hallmarks of a nation-state hacking campaign, according to the cybersecurity firm McAfee. A slate of organizations involved with the Pyeongchang-based games received spearphishing emails beginning Dec. 22, 2017 and continuing until the end of the month. The attackers pretended to be with the South Korean National Counter-Terrorism Center. The goal was to have targets open a malicious Microsoft Word document that would establish a backdoor on targeted machines so hackers could then take additional steps to steal data or completely take over a computer. The Olympics are a major target for hackers because billions of dollars as well as global geopolitical undertones always run through the event. The South Korean organizing committee is spending 1.3 billion won ($1.2 million) on cybersecurity for the games. “Overall, this is an example of something that happens fairly regularly with major events and the Olympics generally,” Betsy […]
The post Winter Olympics targeted by nation-state level hacking campaign appeared first on Cyberscoop.
Continue reading Winter Olympics targeted by nation-state level hacking campaign