Researchers Warn Of Rio 2016 Malware As Olympic Searches Return Threats

Just as Pokemon Go and the recent Euro 2016 football tournament in France have created cybersecurity headaches for businesses, researchers are warning cybercrminals will look to capitalise on the Rio 2016 Olympic Games this summer.

Zscaler has found ransomware on the South African Gymnastics Federation and suggests it is a sign of things to come as interest in the Olympics heats up and sports fans search for live streams, tickets and other information.

“As we get closer to the event, we expect to see a rise in threats and scams leveraging Olympics topics to target a large number of victims,” it said.

Rio 2016 cybersecurity

The federation’s website leads users to a landing page for the CryptXXX ransomware using the Neutrino exploit kit. Before encrypting the data, the malware seeks to delete shadow copies of files before encrypting data.

Separately the researchers simulated another attack, this time involving the RIG Exploit Kit, when searching how to make a Rio 2016 themed cake. Of course, these assaults could be random, but it is likely the Olympics will encourage more targeted attacks.

“The compromised site contains a malicious inject hidden in the jquery.js file that redirects the user to a gate. This gate redirects the user to the RIG landing page, which loads a malicious .SWF [Flash file],” they said.

“Following exploitation, a payload encrypted with a simple XOR cipher is downloaded onto the victim’s system. The malware in question is the infamous worm, Qakbot. In addition to attempting to spread itself across network shares, Qakbot can allow remote access to the user’s system, steal information from the victim’s machine and exfiltration to the attacker’s remote server, among other functions.

“The threat installs itself as a service named “Remote Procedure Call (RPC) Service” to mask its presence and ensure persistence.”

Like other scams, Zscaler recommends users stay away unofficial app stores, check for legitimate URLS and avoid emails with attachments or offers that seem too good to be true.

In the past few weeks, scammers have targeted Pokemon Go fans with fake applications, while Euro 2016 saw similar sporting-themed ruses such as tickets.

What do you know about sport and technology? Try our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Google Confronts Break-Up Threat From US DoJ

US Department of Justice mulls asking judge to force Google to sell parts of its…

3 hours ago

US Supreme Court Rejects X’s Trump Appeal

US Supreme Court declines to hear appeal from X, formerly Twitter, over nondisclosure order attached…

1 day ago

US Judge Orders Google To Allow Android App Store Competition

US federal judge orders Google to undertake wide range of measures allowing third-party app stores…

1 day ago

Ukraine Hackers Disrupt Russian Broadcaster On Putin’s Birthday

Ukrainian hackers disrupt online services of Russian state broadcaster VGTRK on Vladimir Putin's birthday, amidst…

1 day ago

Amazon Antitrust Case Gets Go-Ahead In US Court

US federal judge says FTC and 18 states may proceed with landmark Amazon antitrust case,…

1 day ago