Olympic hackers may be attacking chemical warfare prevention labs

Russia is once again a potential culprit.
Jon Fingas, @jonfingas
June 19, 2018

The team behind the 2018 Winter Olympics hack is still active, according to security researchers -- in fact, it's switching to more serious targets. Kaspersky has discovered that the group, nicknamed Olympic Destroyer, has been launching email phishing attacks against biochemical warfare prevention labs in Europe and Ukraine as well as financial organizations in Russia. The methodology is extremely familiar, including the same rogue macros embedded in decoy documents as well as extensive efforts to avoid typical detection methods.

While Kaspersky didn't directly point fingers, it brought up a number of clues suggesting that Russia was responsible. Most of the lab targets were people associated with an upcoming biochemical threat conference run by Spiez Laboratory, which just happened to be involved in the investigation of the nerve agent poisoning of former Russian double agent Sergei Skripal and his daughter Yulia. Also, Kaspersky noted that the custom images and messages in the documents were in "perfect" Russian, and one of them specifically references the Skripal attack (conveniently, a piece where scientists couldn't definitively say the nerve agent came from Russia).

So why target Russian financial outfits, then? Kaspersky acknowledged that there could be multiple parties involved (say, profit-oriented crooks in addition to state-sponsored attackers). However, it's generally accepted that Russia tried to frame North Korea for the Olympic hack. It's entirely possible that the Russian targets amounted to a false flag meant to cast doubt on the true origins of the attack. The focus on labs and the Skripal connection may have been meant to rattle the West for daring to attribute assassination attempts to Russia.

It may be difficult to completely prevent campaigns like this when political tensions are so high. Kaspersky believes the labs can curb this in the future, however, through steps such as tightening their overall security and running impromptu security audits. It's also a reminder to be cautious -- a seemingly innocuous attachment can have dire consequences.
