29 October 2019

Fancy Bear hackers strike ahead of 2020 Tokyo Olympics

Notorious hacking group Strontium (also known as Fancy Bear, APT28, Sofacy or Sednit) has recently launched a slew of cyberattacks aimed at anti-doping and sports-related organizations ahead of the Tokyo Olympics in 2020, Microsoft warned.

In a brief report the company said that the attacks it detected began on September 16, just before the news from the World Anti-Doping Agency (WADA) about inconsistencies found in a database from Russia's national anti-doping laboratory. The group targeted at least 16 national and international organizations across three continents. The company did not name any specific targets, but said that the majority of the attacks were unsuccessful.

As for the techniques used in the recent attacks, Microsoft says that Strontium leveraged its usual methods previously seen in the campaigns targeting governments, militaries, think tanks, law firms, human rights organizations, financial firms and universities around the world. These methods include spear-phishing, password spray, exploiting internet-connected devices and the use of both open-source and custom malware, the researchers say.

It is unclear how many agencies were hacked, but the company says that it notified its customers affected by the attacks and worked with those seeking help to secure compromised accounts or systems.

Anti-doping organizations have long been a subject of interest to Strontium. For example, the group was linked to incidents in 2016 and 2018 in which emails and medical records stolen from sporting organizations and anti-doping officials were made public, leading to a 2018 indictment in federal court in the United States.
