From fake streaming sites to adware, Tokyo has lesson for future Olympics
- Experts realized there are several creative ways scammers are taking advantage of the buzz around the Olympic Games.
- Over the past few Olympics, scammers have attempted to monetize viewers’ interest by initiating phishing websites that appear Olympics-related.
- This time, security experts found fake streaming sites and even a website selling a virtual currency that is supposed to be a support fund for Olympic athletes.
The final act of the delayed Tokyo Olympics and Paralympics took place last Sunday, almost eight years to the day after the Japanese capital was awarded the Games. When it comes to major sporting events, scammers have always jumped on the opportunity to ply their trade — and the Tokyo Olympics were no different. This summer games saw fake streaming services as the biggest threat.
Since the Rio 2016 Olympics, online streaming of sporting events has increased. To be fair, it is an international game attracting billions of viewers across the globe — and between cord-cutting and Covid-19, more viewers streamed the recent Summer Olympic games than ever before. As major sporting events become increasingly digitized, sports officials are increasingly concerned about cybersecurity. Experts reckon digital technologies pose an increasingly diverse set of threats to Olympic events, and the newer forms of threat are likely to have more serious consequences.
Despite the FBI’s warning that cybercriminals would target the Olympic Games this summer, it did not stop cybercriminals, in fact, most of them are getting extra creative with the campaigns designed to harvest credentials. Two separate reports by Kaspersky experts and Zscaler’s ThreatLabz analyzed Olympic-related phishing attacks and found fake pages offering streaming services, tickets to events that won’t have spectators, and even a fake Olympic Games virtual currency.
During the summer games, Zscaler’s ThreatLabz observed multiple instances of suspicious streaming services that weren’t associated with any of the official Olympic streaming providers. Instead, these websites claimed to provide free access to watch the games online before requesting payment credentials from customers.
After users register for access to these illegitimate streaming sites, they were directed to a fake payment portal that was used to harvest their credit card numbers and other payment information. Most of the streaming transactions observed were from the United States and Europe, with Germany and France leading in transactions. Within the Asia Pacific countries, India and Japan led the way. The importance and popularity of the event make it a target for cyberattacks, with threat actors installing malicious software from ransomware to coin miners.
On the other hand, Kaspersky experts found various phishing pages offering streaming services for the games. The trick is that users have to register to watch. Those registration pages are phishing schemes and, “once a user enters their credentials, they might be redirected to a page that distributes different malicious files,” according to Kaspersky.
Basically, the fake streaming sites scams highlighted are a double whammy, delivering malware and harvesting user credentials. To top it off, some fraudsters are still trying to sell tickets to the games even with no live audiences this year. Kaspersky experts also discovered pages offering refunds for already purchased tickets.
Zscaler also observed Olympic-themed adware activity during the Tokyo Olympics that claimed to offer free streaming services.
However, users were instead redirected to unrelated sites for online gambling, auto-trading, and other topics. According to their blog posting, it also saw cases where users were redirected to install adware in the form of browser extensions and fake software updaters.
To top it off, the sophisticated malware OlympicDestroyer, which first appeared online during the 2018 Winter Olympics in Pyeongchang, South Korea, was also observed in the wild this summer as cybercriminals brought it back for the latest Olympic Games.
At its core, OlympicDestoryer is a worm that spreads using Windows network shares and drops multiple files onto a victim’s machine that tries to steal their browser and system credentials.
Fake virtual currency
Kaspersky researchers found a fake virtual token of the event — by cybercriminals masquerading as a charity. To convince people to buy it, the scammers say that the fundraiser will support athletes who are in need of financial support. Kaspersky’s security expert Olga Svistiunova said, “Cybercriminals always use popular sporting events as bait for cyber attacks.
We see that fraudsters have no limits when it comes to creating ways to profit. For example, the phishing that sells an Olympic Games virtual currency shows that cybercriminals are not only using existing baits but are also creating sophisticated and creative ideas.”
A lesson for upcoming Olympics
It is axiomatic as it is, that not all cyberattacks are created equal. Yet when it comes to major sporting events, there has been no coherent effort to categorize the risks that are particular to these types of events, and/or to enable officials to prioritize among the various types of attacks.
To date, there are four significant categories of cyberattacks on major sporting events: the infiltration of sporting websites and IT systems; tickets-related scams; the hacking and release of sensitive athlete data; and the risk of fans being hacked while attending an event.
This will change—and quickly. The increased ‘technification’ of sports will continue and even accelerate, over the next seven or so years. There are huge possible future risks that will come to fruition as technology continues to change. Perhaps, past Olympic cyber-related issues and the most recent ones could shed light on how the Olympic movement can keep up with the rapid pace of cybercriminals activity.
- The digital education platforms shaping schools and colleges today
- The Hot Vendor That’s Making Cloud Storage Simple, Affordable and Predictable
- What happens when scammers get scammed?
- Announcements you might have missed from AWS reInvent 2022
- Reece unlocks data to power its competitive advantage with SnapLogic’s intelligent integration