TOKYO — With the opening ceremony of the Tokyo Olympics approaching, malicious software and websites have targeted both event organizers and ordinary fans.
A fake PDF file masquerades as a Japanese-language report on Olympics-related cyberattacks, for example. Opening it activates malware that infects the user’s computer and deletes files.
This malware was uploaded to the VirusTotal malware-scanning site Tuesday and has been detected by several antivirus software products around the world, according to Tokyo-based Mitsui Bussan Secure Directions.
Its targets include files created on the Ichitaro word processor, used mainly in Japan. Hackers are believed to have emailed the fake PDF to Japanese event insiders in an attempt to destroy key Olympics-related documents.
MBSD’s Takashi Yoshikawa warned against such “wiper” malware. At the 2018 Winter Games in Pyeongchang, South Korea, the so-called Olympic Destroyer malware caused major system disruptions.
“This is the type of attack we should be most concerned about for the Tokyo Olympics, and we need to continue keeping a close eye on this,” Yoshikawa said.
Fake streaming sites have also emerged as a key concern for the Games, especially with spectators now largely barred over COVID-19 concerns.
The sites, which had shown up when searching for Olympics-related terms on such search engines as Google, ask users to allow browser notifications in order to display malicious advertising. Trend Micro has already identified multiple sites of this type.
Olympics content is available free of charge on two official streaming platforms in Japan: one from state broadcaster NHK, and the other run by commercial broadcasters and called TVer.
Other streamers are not authorized in the country. Clicking their links could open the user up to attack, Trend Micro warns, urging fans to watch the Olympics on officially approved platforms.
Other threats include fake Olympics websites with key terms like “Tokyo” or “2020” in their domain names. Login information of ticket buyers and volunteers has also been leaked online in a likely phishing attack. Organizers are urging caution against such threats.