The Pyeongchang Olympic Games are still more than a month away, but hackers are already working their magic, sending malware-infected emails to several organizations associated with the Winter Olympics that will be held in South Korea in February. The primary target of the malware campaign was icehockey@pyeongchang2018.com, although several other organizations tied to the Olympics were also targeted, according to cybersecurity firm McAfee.
The hacker group sending out these infected emails is likely working on behalf of a government, with North Korea, China, and Russia seen as the most likely culprits, according to BuzzFeed, as told to reporters Friday.
The campaign targeting the Olympic Games, which will be held in northeastern South Korea, began as early as Dec. 22 with emails that included a malicious Microsoft Word document with the file name “Organized by Ministry of Agriculture and Forestry and Pyeongchang Winter Olympics.” The message was spoofed to make it look like it came from info@nctc.go.kr, the address of South Korea’s National Counter-Terrorism Center, when it was actually sent from Singapore. The choice of that agency is significant considering that it was in the middle of conducting antiterror drills in the region ahead of the games when the emails went out.
When the Word document is opened, the user is asked to enable content, usually a red flag for malicious content. Once that happens, the user gives the hackers pretty much free rein over his or her machine. “Based on our analysis, this implant establishes an encrypted channel to the attacker’s server, likely giving the attacker the ability to execute commands on the victim’s machine and to install additional malware,” McAfee said.
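The two warning signs the article describes, a From: address that does not match where the mail actually came from and a Word attachment that asks the reader to enable content, can both be checked mechanically before a message reaches an inbox. The script below is an added example and is not McAfee's tooling or anything published with the article; the sample message, the relay domain and the 203.0.113.10 address are constructed, and it treats an attachment as macro-bearing when its Office container carries a vbaProject.bin part.

```python
import email
import email.utils
import io
import re
import zipfile
from email import policy

# Constructed sample message (not from the article). The From: header claims the
# counter-terrorism center, while the Return-Path and the originating Received:
# hop belong to an unrelated relay, which is the pattern the article describes.
SAMPLE_EMAIL = b"""Return-Path: <bounce@example-relay.sg>
Received: from mail.example-relay.sg (mail.example-relay.sg [203.0.113.10])
\tby mx.example.org with ESMTP; Fri, 22 Dec 2017 09:00:00 +0900
From: "NCTC" <info@nctc.go.kr>
To: icehockey@pyeongchang2018.com
Subject: Organized by Ministry of Agriculture and Forestry and Pyeongchang Winter Olympics
Content-Type: text/plain

Please see the attached document.
"""


def header_domain(value):
    """Return the lower-cased domain part of an address header, or '' if none."""
    _, addr = email.utils.parseaddr(str(value or ""))
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def sender_mismatch(raw):
    """True when the visible From: domain differs from the envelope Return-Path domain."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    from_dom = header_domain(msg["From"])
    rp_dom = header_domain(msg["Return-Path"])
    return bool(from_dom) and bool(rp_dom) and from_dom != rp_dom


def originating_host(raw):
    """Host named in the earliest Received: hop (the last one in header order)."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hops = msg.get_all("Received") or []
    if not hops:
        return ""
    match = re.match(r"\s*from\s+(\S+)", str(hops[-1]))
    return match.group(1).lower() if match else ""


def build_office_zip(with_macro):
    """Constructed stand-in for a .docx/.docm: a zip with the usual OOXML parts."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            # Real vbaProject.bin is an OLE compound file; only the name matters here.
            z.writestr("word/vbaProject.bin", b"\xd0\xcf\x11\xe0constructed")
    return buf.getvalue()


def has_vba_project(data):
    """True when the Office container holds a VBA project, i.e. the 'enable content' prompt has something to run."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            return any(name.lower().endswith("vbaproject.bin") for name in z.namelist())
    except zipfile.BadZipFile:
        return False


def triage(raw_email, attachment):
    """Collect the findings a mail gateway would raise for this message and attachment."""
    findings = []
    if sender_mismatch(raw_email):
        findings.append("from/return-path domain mismatch")
    host = originating_host(raw_email)
    if host and not host.endswith(header_domain(
            email.message_from_bytes(raw_email, policy=policy.default)["From"])):
        findings.append("originating hop %s outside From: domain" % host)
    if has_vba_project(attachment):
        findings.append("attachment contains VBA project")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_EMAIL, build_office_zip(True)):
        print(finding)
```

Neither check is proof of an attack on its own: mailing lists and bulk senders routinely produce a Return-Path that differs from From:, and plenty of internal spreadsheets carry macros. The value is in the combination, a spoofed-looking sender delivering a macro-bearing document to a specific mailbox, which is exactly what the Dec. 22 messages looked like, and in surfacing it before a user sees the "enable content" prompt.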
“From what we can tell, they’re trying to potentially establish the ability to gather information on chatter, communications around the upcoming Olympics,” Ryan Sherstobitoff, a senior researcher at McAfee Advanced Threat Research, said. “With any espionage activity, there’s a first stage reconnaissance to understand who is interesting.”
McAfee warned this type of cyberattack