Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label FIFA. Show all posts

SRF: Investigation Links Qatar to FIFA Hacking and Ex-CIA Operative’s Firm

 

Qatar reveals to have launched a large-scale and long-standing operation against FIFA officials via ex-CIA operatives. With Switzerland serving as a key operator, the highest circles of the Qatari government were as well involved in the espionage operation that was working in secret. 

With the intelligence agents involved planned on swaying the world events in the operation and hackers stealing controversial information and data, the operation was in fact funded by an anonymous client with hundreds of millions of dollars. 

The issue came to light when an investigation by Swiss media SRF’s investigative team ‘SRF Investigativ’ shared details of how the state of Qatar had officials of the world football spied on. Additionally, the investigations showed how the non-FIFA critics of the upcoming World Cup were targeted as well. 

According to the English- version of the report by Tariq Panja from The York Times, The SRF News revealed that Qatar hired an ex-CIA operative Kevin Chalker’s “Global Risk Advisors” firm for “predictive intelligence” on FIFA officials who would attempt on moving the World Cup from the country, via their predictive intelligence efforts allegedly involving computer hacking through intermediaries. 

The ultimate goal of the said efforts is to prevent Qatar from losing the World Cup bid, following the massive criticism that was raised when FIFA awarded the tournament to the authoritarian country in 2010. 

The scope of the covert activities remains considerable, since at least 66 operators were expected to be deployed over the course of one sub-operation alone for over nine years. Moreover, a budget of $387 million was allocated for the operation, with the activities spanning five continents. 

The SRF investigations dig the credentials against the ex-CIA agent Chalker. The investigation deduces that initially, before the World Cup awarding in December 2010, Chalker apparently served as an espionage operator for various bids. But as the criticism raised regarding corruption and human rights violation after the 2010 World Cup was awarded, the target was eventually changed. Now, the goal shifted to preventing FIFA, from taking the World Cup from Qatar, at all costs. 

The investigation showed that Switzerland was the most prominent factor to Qatari intelligence operation. Since, Chalker travelled to Zurich at the demand of Qatar with the intention of bugging the hotel rooms of journalists and members of the Executive Committee. One of the documents revived, included photos taken covertly as a part of surveillance operation. These photographs were reportedly taken at Zurich’s plush Baur au Lac hotel, and showed individuals connected to FIFA meeting with officials and journalists. 

Apparently, FIFA mostly remined oblivious to the spy operation. Sepp Blatter, FIFA’s former President, commented in an interview with SRF, “That there was an organized espionage affair in FIFA, that surprised me. And it's alarming.” Although, several documents indicate that Blatter was of great interest to the spies. The documents mention, for instance, that Blatter’s “plans and intentions” ought to be known in advances. 

Besides, Chalker and Global Risk Advisors are currently dealing with a civil lawsuit, in regard to connection to similar alleged activities. The lawsuit was filed by former US president Donald Trump ally Elliot Broidy. Broidy accused Chalker and his company of a hacking attack on behalf of Qatar, after Broidy’s personal data was leaked to newspapers in 2018. Although, Chalker denies all allegations. The lawsuit is still pending.

Spanish FA Reported a Cyber Attack, Private Texts Seized

 

Police have been informed that the Royal Spanish Football Federation (RFEF) has witnessed a cyber attack. In recent months, top leaders of the union, particularly president Luis Rubiales, have had documents and information from private email accounts, private texts, and audio calls taken.

Headquartered in Las Rozas, La Ciudad del Ftbol, a community near Madrid, the Royal Spanish Football Federation is Spain's football regulating organization. The Spanish FA won the 2010 FIFA World Cup and two European Championships in a row as a result of these events. 

"It's likely this personally identifiable information, taken unlawfully and with clear criminal purpose, was provided to numerous media," the RFEF added. 

Before the publishing of the information, an unnamed journalist informed the RFEF claiming its media outlet had been provided access to illegally acquired material from an unknown source who communicated over an encrypted voice. 

"Through third parties, the media outlet in issue claimed to have obtained confidential contracts, private WhatsApp conversations, emails, and a variety of documents involving the RFEF management," the journalist told. "If accurate, it would be a crime of secret revelation and a breach of the people attacked's fundamental rights." 

The Spanish FA has condemned such "criminal and mafia" acts to all relevant organizations, as well as appointed a private firm to improve security and prevent future attacks.

Cyberattacks, like hacktivists, can be linked to cyber warfare or cyberterrorism. To put it another way, motivations can differ. And there are three basic types of motivations: criminal, political, and personal. Money theft, data theft, and company disruption are all options for criminally minded attackers.

Hacker Hacked Multiple High-profile FIFA 22 Accounts by Phishing EA Support Agents

 

Electronic Arts (EA) has cited "human error" within its customer experience team for a recent wave of high-profile FIFA Ultimate Team account takeovers, with some individuals falling victim to a socially engineered phishing attack. 

EA initiated an inquiry after several top traders in FIFA's Ultimate Team game complained that their accounts had been taken over and emptied of points and thousands of dollars in-game currency last week. Phishers were able to hack less than 50 top trader accounts by "exploiting human error" among EA's customer care employees, according to a post on the company's website on Tuesday. 

The company stated, “Utilizing threats and other ‘social engineering’ methods, individuals acting maliciously were able to exploit human error within our customer experience team and bypass two-factor authentication to gain access to player accounts.” 

Ultimate Team is an online soccer game in which players create virtual squads of real-life competitive players and compete against other online teams. Top traders acquire a substantial amount of in-game currency and points by exchanging individuals and forming diverse teams. 

EA eventually identified was a situation described online by traders who posted screenshots of unusual account behaviour, such as attackers calling EA's customer service via the live chat feature and demanding that an account's email address be altered. While many of these requests were ignored, at least one customer service representative eventually gave in to pressure and altered an account holder's email address. This necessitated the staffer circumventing security processes that require extra verification from account owners, according to a Twitter user and Ultimate Team trader called FUT Donkey, who stated his account had been hacked. 

Response & Impact: 

In response to the incident, EA will require "EA advisors and individuals who assist with the service of EA accounts" to get individual re-training, as well as additional team training primarily focused on security, practices, and phishing techniques, according to the company. 

EA will also add stages to the account ownership verification procedure in FIFA Ultimate Team, including "mandatory managerial permission for all email change requests," according to the company. 

According to the company's article, it will also upgrade its customer experience software to clearly evaluate and identify suspicious behavior and at-risk accounts to further restrict the potential for human mistakes in the account update process. 

The incident should serve as a warning to other gaming platforms: Hackers that attack these sites will continue to show off their skills, just as top traders compete for accolades and currency within the game, according to another security specialist in an email to Threatpost. 

Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify stated, “Gamers and streamers are a massive global trend across social media platforms, capturing the attention of millions who want to know their secret techniques on how they get to the next level.” 

“Hacking is now also becoming a glorified streamed event with the world’s top hackers streaming their hacking skills online, showing off new techniques and methods on how to bypass security and get the initial foothold.” 

Unfortunately for gaming platforms, he noted in his email that this new trend will "certainly grow and manifest in the year ahead."