McAfee discovered 'malicious documents' targeting Winter Olympics ahead of opening ceremony 'hack'

The 2018 Winter Olympics opening ceremonies were briefly impacted when servers belonging to Olympic organisers were hacked.
Written by Asha Barbaschow, Contributor

The opening ceremonies of the Winter Olympics were subject to an attack on Friday, with the PyeongChang Organizing Committee for the 2018 Olympic & Paralympic Games (POCOG) confirming it experienced a cyber attack that caused a malfunction of the internet protocol televisions (IPTVs) at the Main Press Centre, Yonhap News reported over the weekend.

According to the South Korean publication, POCOG said its servers were hacked by an "unidentified attacker" during the ceremony, and that it shut down the servers -- and, as a result, its website -- to prevent further damage.

The website, which was shut down during the opening ceremony held on Friday, was switched back on at around 8am local time on Saturday.

While the details are mostly unknown, McAfee Advanced Threat Research senior analyst Ryan Sherstobitoff said his teams found a new variant of the malicious documents targeting the Winter Games a few days prior to the opening ceremonies.

"The new document contained the same metadata properties as those related to Operation GoldDragon, and sought to gain persistence on systems owned by organisations involved with the Winter Games," Sherstobitoff said in a statement.

"It is clear attacks are ongoing and are likely to continue throughout the duration of the games. What is yet to be determined is if actors are working simply to gain disruption, or if their motives are greater."

He said McAfee analysts are continuing to monitor the situation.

Watch: Here's how to stream the 2018 Winter Olympics

It was reported last month that McAfee Labs researchers had uncovered a phishing and malware campaign targeting organisations involved with the Games, with the aim of controlling infected machines.

The campaign uses a previously unseen form of malware designed to hand control of the victim's machine over to the attackers. The attack has been dubbed "Operation PowerShell Olympics" by the researchers who uncovered it taking place in late December.

"This particular malware has not been seen before, and it is something custom that was created by the attacker," Sherstobitoff told ZDNet at the time.

Read also: Fileless malware is targeting the 2018 Winter Olympics using brand new tools (TechRepublic)

The attacks uncovered in December began with phishing emails appearing to have come from the South Korean National Counter-Terrorism Center; however, McAfee Labs believes the emails were sent from an IP address in Singapore.


Hackers target Winter Olympics with new custom-built fileless malware

Researchers have uncovered a campaign targeting organisations involved with next month's Games in South Korea, with the aim of controlling infected machines.

Robots will compete for attention at 2018 Olympics

After heavy investment, the Winter Games in PyeongChang will be much more than a showcase for athletes.

Russian hackers leak Rio athletes' confidential medical files

The files contain confidential data on Rio Olympic athletes.

Winter Olympics: Visa debuts limited edition mobile payment wearables in PyeongChang (TechRepublic)

IoT will be a component of the Winter Olympics, with Visa introducing three NFC-enabled wearable payment devices for athletes and fans.

Intel 5G platform to power 2018 Winter Olympics network

Intel's 5G mobile trial platform, processors, and technologies will be used for Korea Telecom's 5G network for the Pyeongchang Olympic Winter Games next year.

Editorial standards