Although the FBI warned that cybercriminals would target the Olympic Games this summer, new research from Zscaler has revealed that fake streaming services were actually the biggest threat of the Tokyo Olympics.
Since the Rio Olympics back in 2016, online streaming of sporting events has increased significantly, and this was also the case during the recent Summer Olympics in Tokyo.
During this year’s games, Zscaler’s ThreatLabz observed multiple instances of suspicious streaming services that weren’t associated with any of the official Olympic streaming providers. Instead, these websites claimed to provide free access to watch the games online before requesting payment credentials from customers.
After users registered for access to these illegitimate streaming sites, they were directed to a fake payment portal that was used to harvest their credit card numbers and other payment information.
Adware and the return of OlympicDestroyer
Zscaler also observed Olympic-themed adware activity during the Tokyo Olympics that claimed to offer free streaming services. However, users were instead redirected to unrelated sites for online gambling, auto trading and other topics.
According to a new blog post from Zscaler, the company also saw cases where users were redirected to install adware in the form of browser extensions and fake software updaters. One example is the YourStreamSearch browser extension, which is a known browser hijacker that recommends ads based on a user’s search history.
The sophisticated malware OlympicDestroyer, which first appeared online during the 2018 Winter Olympics in Pyeongchang, South Korea, was also observed in the wild this summer as cybercriminals brought it back for the latest Olympic Games. At its core, OlympicDestroyer is a worm that spreads using Windows network shares and drops multiple files onto a victim’s machine that try to steal their browser and system credentials.
To avoid falling victim to these and other scams related to online streaming, Zscaler recommends that users update their VPN services and devices, enable two-factor authentication (2FA), verify the source of emails, avoid unofficial app stores and back up their most important documents and media files.