The cybersecurity company McAfee says a group of hackers have attempted to take over computers in South Korea. Hackers are apparently after data involving the Winter Olympics, which start next month in Pyeongchang. McAfee believes an unknown government administration is backing the group, and suspected countries include North Korea, China, and Russia.
At least 50 people across South Korea received malware-infected emails. All recipients have some association with the Olympic games — ski resorts hosting competitions, a nearby airport, and government employees, to name a few. When targets open and enable the attached Microsoft Word document, hackers are able to install programs and run commands.
From what we can tell, they’re trying to potentially establish the ability to gather information on chatter, communications around the upcoming Olympics. With any espionage activity, there’s a first stage reconnaissance to understand who is interesting, casting a wide net.
For North Koreans, motivations would range from wanting to know what was happening to planning for disruption if South Korea or US embarrass or pressure Pyongyang. Chinese I would guess intel gathering, mainly to avoid surprises. Russia [is] a possibility, given passed hacks of doping agencies,” he said. “Given previous attacks on sports infrastructure, [it] now seems routine.
Probably a 400lb guy in his basement. Now, about those emails— Cult32 (@peter_doyle_) January 7, 2018
H/T: BuzzFeed News