Researchers Warn Of Rio 2016 Malware As Olympic Searches Return Threats

Just as Pokemon Go and the recent Euro 2016 football tournament in France have created cybersecurity headaches for businesses, researchers are warning cybercrminals will look to capitalise on the Rio 2016 Olympic Games this summer.

Zscaler has found ransomware on the South African Gymnastics Federation and suggests it is a sign of things to come as interest in the Olympics heats up and sports fans search for live streams, tickets and other information.

“As we get closer to the event, we expect to see a rise in threats and scams leveraging Olympics topics to target a large number of victims,” it said.

Rio 2016 cybersecurity

The federation’s website leads users to a landing page for the CryptXXX ransomware using the Neutrino exploit kit. Before encrypting the data, the malware seeks to delete shadow copies of files before encrypting data.

Separately the researchers simulated another attack, this time involving the RIG Exploit Kit, when searching how to make a Rio 2016 themed cake. Of course, these assaults could be random, but it is likely the Olympics will encourage more targeted attacks.

“The compromised site contains a malicious inject hidden in the jquery.js file that redirects the user to a gate. This gate redirects the user to the RIG landing page, which loads a malicious .SWF [Flash file],” they said.

“Following exploitation, a payload encrypted with a simple XOR cipher is downloaded onto the victim’s system. The malware in question is the infamous worm, Qakbot. In addition to attempting to spread itself across network shares, Qakbot can allow remote access to the user’s system, steal information from the victim’s machine and exfiltration to the attacker’s remote server, among other functions.

“The threat installs itself as a service named “Remote Procedure Call (RPC) Service” to mask its presence and ensure persistence.”

Like other scams, Zscaler recommends users stay away unofficial app stores, check for legitimate URLS and avoid emails with attachments or offers that seem too good to be true.

In the past few weeks, scammers have targeted Pokemon Go fans with fake applications, while Euro 2016 saw similar sporting-themed ruses such as tickets.

What do you know about sport and technology? Try our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago