 "Hackers are attacking Winter Olympics in South Korea with a malware campaign")
Hackers are targeting the upcoming **Winter Olympics** in South Korea with a phishing and malware campaign, cybersecurity firm McAfee researchers have found. [caption id=“attachment_4293479” align=“alignleft” width=“380”]  Representational image. Reuters.[/caption] In a blog post, McAfee Advanced Threat Research analysts Ryan Sherstobitoff and Jessica Saavedra-Morales discovered a campaign targeting organisations involved with the Pyeongchang Olympics scheduled from 9 February to 25 February. “Attached in an email was a malicious Microsoft Word document with the original file name ‘Organised by Ministry of Agriculture and Forestry and Pyeongchang Winter Olympics’,” the duo said late on 7 January. Email addresses associated with ice hockey at the Winter Olympics were among those targeted by attackers. “The primary target of the email was icehockey@pyeongchang2018.com, with several organisations in South Korea on the BCC line. The majority of these organisations had some association with the Olympics, either in providing infrastructure or in a supporting role. The attackers appear to be casting a wide net with this campaign,” they added. The campaign to target Pyeongchang Olympics began on 22 December last year. The attackers originally embedded an implant into the malicious document as a hypertext application (HTA) file, and then quickly moved to hide it in an image on a remote server and used obfuscated Visual Basic macros to launch the decoder script. “They also wrote custom PowerShell code to decode the hidden image and reveal the implant,” the researchers added. If opened, the document tells the user they must click to enable content. Based on their analysis, the team said this implant establishes an encrypted channel to the attacker’s server, likely giving the attacker the ability to execute commands on the victim’s machine and to install additional malware. “With the upcoming Olympics, we expect to see an increase in **cyberattacks** using Olympics-related themes. In similar past cases, the victims were targeted for their passwords and financial information,” McAfee noted. The Advanced Threat Research team has discovered an increase in the use of “weaponised Word documents against South Korean targets in place of the traditional use of weaponised documents exploiting vulnerabilities in the ‘Hangul’ word processor software”, the company added.
Email addresses associated with ice hockey at the Winter Olympics were among those targeted by attackers.
Advertisement
End of Article
 "Israel targets top Hamas leaders in Doha; Qatar, Iran condemn strike as violation of sovereignty")
 "Nepal: Oli to continue until new PM is sworn in, nation on edge as all branches of govt torched")
 "Who is CP Radhakrishnan, India's next vice-president?")
 "Israel informed US ahead of strikes on Hamas leaders in Doha, says White House")
 "Israel targets top Hamas leaders in Doha; Qatar, Iran condemn strike as violation of sovereignty")
 "Nepal: Oli to continue until new PM is sworn in, nation on edge as all branches of govt torched")
 "Who is CP Radhakrishnan, India's next vice-president?")
 "Israel informed US ahead of strikes on Hamas leaders in Doha, says White House")
](https://images.firstpost.com/wp-content/uploads/2018/01/olympics-2018.jpg){kind=link}