Phishing tools, information-stealing software, fake websites, and ransomware related to the 2024 Paris Olympics have all increased dramatically.
While athletes around the world get ready for the 2024 Paris Olympics, taking place from July 26 to August 11, hackers have also prepared early for this special event. According to US security platform FortiGuard Labs, cybercrime targeting the Olympics is increasing sharply.
Specifically, from the last 6 months of 2023, experts have noticed that Dark Web activity (an encrypted website system used by hackers) increased by 80-90% compared to the same period last year. This increase continues in the first half of 2024.
According to FortiGuard Labs, criminal groups are preparing a variety of tools and services to collect personally identifiable information (PII). The trading of login data, VPN connections, phishing blocking and exploit tools customized specifically for the Paris Olympics is increasingly active. Many sensitive databases related to French people such as full names, dates of birth, personal identification numbers, email addresses... are also collected for automated attacks.
Phishing tools (fake attacks) are widely sold on the Dark Web. Although it is the easiest form of attack, unskilled cybercriminals will not know how to create or distribute phishing emails. Therefore, the available tools provide novice hackers with a simple interface to compose phishing emails, create domains and search for prey. Generative AI is also included in the phishing toolkit to correct spelling and grammar errors and prevent recipients from detecting unusual content. Services that send random text messages and fake phone numbers also appear in abundance.
A large number of typosquatting domain names, which have names similar to the official website, with only certain letters and characters changed, are also being registered. There are confusing names such as oympics.com, olmpics.com, olimpics.com... These domain names copy the interface of the official ticket sales website, trick users into paying and then disappear. According to the French security agency, there are an estimated 338 fraudulent websites claiming to be places to sell Olympic tickets. 51 sites have been closed and 140 sites have received official notices from law enforcement.
Not stopping there, many Summer Olympics-themed prize-winning game scams also appeared. Fraudsters impersonate big brands such as Coca-Cola, Microsoft, Google, World Bank to trick users into participating in games of chance.
Information-stealing software designed to silently infiltrate users' computers or personal devices is also being sold a lot. Security experts from FortiGuard Labs noted that they have noticed that crooks are deploying many different types of malware to attack their prey. They can perform ransomware attacks (data encryption), thereby causing great financial damage to both individuals and organizations. For example, Raccoon, a low-cost malware as a service (MaaS), is widely sold on Dark Web forums. This software steals browser-saved passwords, digital wallets, and other sensitive data. Next, Lumma - subscriber-based, malware-as-a-service - also grew strongly.
According to experts, hackers can target infrastructure, communication channels and affiliated organizations to disrupt events, steal user information, encrypt data and extort money. Therefore, organizations and individuals directly participating or watching the 2024 Olympics remotely need to be vigilant against cybercrime. Users should limit the use of public Wi-Fi, install two-layer security, and install additional malware detection and warning tools. Organizations should regularly create data backups, monitor defense lines, update software, and patch security vulnerabilities continuously.