Hackers have already begun targeting the Pyeongchang Olympic Games with malware-infected emails which may be aimed at stealing passwords or financial information, researchers said Saturday.
The security firm McAfee said in a report that several organizations associated with the Olympics had received the malicious email with the primary target being groups affiliated with ice hockey.
“The majority of these organizations (targeted) had some association with the Olympics, either in providing infrastructure or in a supporting role,” the McAfee report said. “The attackers appear to be casting a wide net with this campaign.”
In the attacks, which began as early as December 22, emails were “spoofed” to make them appear to come from South Korea’s National Counter-Terrorism Center, which was in the process of conducting antiterror drills in the region in preparation for the Games.
McAfee said the emails came in fact from an address in Singapore, and instructed the readers to open a text document in Korean.
The document was titled “Organized by Ministry of Agriculture and Forestry and Pyeongchang Winter Olympics,” according to the report.
The malware in some cases was hidden in text, and later in an image — a technique known as steganography, according to McAfee.
“Based on our analysis, this implant establishes an encrypted channel to the attacker’s server, likely giving the attacker the ability to execute commands on the victim’s machine and to install additional malware,” McAfee said.
McAfee said it expects more attacks of this nature, echoing warnings last year from University of California researchers of increasing targeting of sporting events.
“With the upcoming Olympics, we expect to see an increase in cyberattacks using Olympics-related themes,” the McAfee report said.
“In similar past cases, the victims were targeted for their passwords and financial information.”
