Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Winter Olympics. Show all posts

Group-IB Found 140 Resources with Fraudulent Schemes under the Guise of Olympic Games Broadcasts

 

Group-IB experts have identified 140 resources in the network that, under the guise of live broadcasts of the Winter Olympic Games in Beijing, redirect users to fraudulent and phishing sites. Most of the dangerous resources are already blocked. 

"After the opening of the XXIV Winter Olympic Games in Beijing, the specialists of the Information Security Incident Response Center (CERT-GIB) found 140 active resources that were used to host illegal broadcasts, and therefore for scamming and phishing. In total, 289 sites could potentially be involved in the scheme," said experts. 

The largest fraudulent network is Kinohoot, which includes over a hundred resources. During the Summer Olympic Games in Tokyo, CERT-GIB specialists found 120 resources of the same type created for conducting fraudulent live broadcasts. 

Group-IB explained that the user sees on one of the pages of the hacked resource a video player window with an embedded link to the live broadcast and symbols of the Winter Olympic Games. Users must register, enter the phone numbers and indicate a special access code to watch the broadcast. This leads the victim to phishing resources. 

Attackers can offer users to participate in the drawing of free access to broadcasts, and to receive a cash prize, the user must pay a conversion fee, which is usually 300-500 rubles ($4-7), and enter bank card data on a phishing resource, or send an SMS to the specified number. Instead of broadcasting, the victim is connected to various paid services and subscriptions. 

"Such Internet scams have been known for quite a long time, but scammers constantly adjust their schemes to popular or significant events in the world and, of course, use newly registered domains for this. In this scheme, in order to gain the trust of the victim, the redirect is often placed on legitimate hacked sites, for example, universities (Ecuadorian Universidad Esp ritu Santo or Indonesian Universitas Muhammadiyah Yogyakarta), charitable foundations and non-profit organizations (African Studies Association)," said the head of CERT-GIB Alexandra Kalinina. 

Group-IB experts recommend to follow sporting contests of the Olympic Games only on official resources, as well as to be wary of draws and not to enter the data of bank cards and personal data on suspicious sites.

Russia hacks Winter Olympics, shifts blame on North Korea

According to a report in Washington Post on Sunday, U.S. Intelligence has found that Russian military spies hacked several hundred computers used by authorities during the 2018 Winter Olympic Games in South Korea.

Over 300 Olympic-related computers were hacked early in February, continuing a string of cyber attacks in the Winter Olympics.

U.S. officials say that this was a “false-flag” operation, where they carried out the attack while making it appear as though North Korea was behind it by using North Korean IP addresses. Olympics confirmed at the beginning of the games that an attack had taken place but did not reveal who the attackers were.

The attack took down internet and WiFi access during the opening ceremonies on February 9th, as well the event’s website, and also case the failure of several other Olympic-liked websites and broadcast systems.

Due to the attack, many attendees were unable to print their tickets, leading to empty seats.

Some analysts believe that the attack was in retribution to Russia’s ban in the Winter Olympics after an investigation into doping violations by Russia.

However, Russia’s foreign ministry has denied Russia’s involvement in the attacks. "We know that Western media are planning pseudo-investigations on the theme of ‘Russian fingerprints’ in hacking attacks on information resources related to the hosting of the Winter Olympic Games in the Republic of Korea," it said.