+ A

Hackers target groups related to PyeongChang Olympics

Jan 09,2018
Hackers have launched attacks targeting organizations involved with the PyeongChang Winter Olympic through a malicious Microsoft Word document attached to an email, warned a report from McAfee, an American security firm.

The Santa Clara, California-based company’s advanced threat research analysts found that email addresses of organizations in Korea related to the Olympic games - such as icehockey@pyeongchang2018.com - were targeted, potentially in an attempt to steal victims’ passwords and financial information.

The file name of the Microsoft Word file attached to the email was “Organized by Ministry of Agriculture and Forestry and PyeongChang Winter Olympics.”

The majority of these organizations had some association with the Olympics, either in providing infrastructure or in a supporting role, according to the report.

“The attackers appear to be casting a wide net with this campaign,” it noted.

The attacks began on Dec. 22 last year, with the most recent activity happening on Dec. 28.

The hackers originally embedded an implant into the malicious document in the form of a text file and then quickly moved to hide it in an image - a technique known as steganography. The malicious document was submitted from Korea but the actual email was sent from Singapore, according to the IP address.

The attackers made the message appear to be from info@nctc.go.kr, the National Counter-Terrorism Center (NCTC) of Korea. By coincidence or design, the NCTC was in the process of conducting physical anti-terror drills in the region in preparation for the Olympic Games.

When the user opened the document, the text in Korean tells the victim to enable content to allow the document to be opened in their version of Word.

“The spoofed source of this email suggests the message is legitimate and increases the chances that victims will treat it as such,” said the report.

“With the upcoming Olympics, we expect to see an increase in cyberattacks using Olympics-related themes,” the report said. “In similar past cases, the victims were targeted for their passwords and financial information.”

The UC Berkeley Center for Long-Term Cybersecurity released a report last October about cybersecurity in sports, with an emphasis on the Olympic Games. It dealt with potential risks posed by digital technologies in sports, and highlighted possible threats that will arise as these technologies are deployed.


BY SEO JI-EUN [seo.jieun@joongang.co.kr]