Just as Pokemon Go and the recent Euro 2016 football tournament in France have created cybersecurity headaches for businesses, researchers are warning cybercrminals will look to capitalise on the Rio 2016 Olympic Games this summer.
Zscaler has found ransomware on the South African Gymnastics Federation and suggests it is a sign of things to come as interest in the Olympics heats up and sports fans search for live streams, tickets and other information.
“As we get closer to the event, we expect to see a rise in threats and scams leveraging Olympics topics to target a large number of victims,” it said.
Separately the researchers simulated another attack, this time involving the RIG Exploit Kit, when searching how to make a Rio 2016 themed cake. Of course, these assaults could be random, but it is likely the Olympics will encourage more targeted attacks.
“The compromised site contains a malicious inject hidden in the jquery.js file that redirects the user to a gate. This gate redirects the user to the RIG landing page, which loads a malicious .SWF [Flash file],” they said.
“Following exploitation, a payload encrypted with a simple XOR cipher is downloaded onto the victim’s system. The malware in question is the infamous worm, Qakbot. In addition to attempting to spread itself across network shares, Qakbot can allow remote access to the user’s system, steal information from the victim’s machine and exfiltration to the attacker’s remote server, among other functions.
“The threat installs itself as a service named “Remote Procedure Call (RPC) Service” to mask its presence and ensure persistence.”
Like other scams, Zscaler recommends users stay away unofficial app stores, check for legitimate URLS and avoid emails with attachments or offers that seem too good to be true.
In the past few weeks, scammers have targeted Pokemon Go fans with fake applications, while Euro 2016 saw similar sporting-themed ruses such as tickets.
What do you know about sport and technology? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…