As the 2020 Tokyo Olympics is a widely-publicized and popular event, malicious actors have started targeting event organizers and fans well before the opening ceremony. Researchers warn about a number of tactics that have already been used by threat actors.
We’ve reported about one campaign in which attackers spread a weaponized PDF file that purports to be a report on the Olympics-related cyberattacks, but in fact constitutes a threat. The malware was uploaded to VirusTotal, a malware-scanning site, and has been detected by several security software products, including by Tokyo-based Mitsui Bussan Secure Directions.
Researchers believe the attacks have originated from Japan because to create the fake PDF, attackers used the Ichitaro word processor, software mainly used in Japan.
The malware’s goal is to wipe the victim’s files. A strain of this malware known as “wipers” was used in attacks during the 2018 Winter Olympics in South Korea. Dubbed Olympic Destroyer, the wiper caused system disruptions at the time.
Security officials are keeping a close eye on wiper malware, and MBSD’s Takashi Yoshikawa believes this is the most troublesome threat for this Olympics.
“This is the type of attack we should be most concerned about for the Tokyo Olympics, and we need to continue keeping a close eye on this,” Yoshikawa said.
Fake streaming websites have also emerged as a cyber threat during the Games, especially since spectators are now largely barred from accessing the events due to COVID-19 restrictions.
Threat actors are targeting the fans also through search engines, including Google Search. Malicious sites appear when online users are looking for terms related to the Olympics that were displaying banners asking to turn on browser notifications in order to show malicious advertisements.
If you’re looking for ways to watch the Olympics, be careful which sites you visit. Malicious sites can open the user up to an attack. There are two official streaming platforms for the Olympics in Japan, both of which are free to use, NHK and TVer. Other streamers are not approved in the country.
There have also been reports of fake Olympics websites that mimic real ones. They contain “Tokyo” or “2020” in their domain names and should be avoided.