Warning of the return of the Olympic Destroyer threat
The threat that made headlines at the opening ceremony of the Winter Olympics in Pyeongchang, South Korea, Olympic Destroyer, has been found to be still active, according to a new discovery from security firm Kaspersky.
 |
| The Olympic Destroyer is back, threatening the Winter Olympics |
According to Kaspersky, the reappearance of Olympic Destroyer has been recorded operating in Germany, France, Switzerland, the Netherlands, Ukraine and Russia, targeting organizations involved in protecting against chemical and biological threats.
Olympic Destroyer is an advanced threat actor targeting organizations, vendors, and partners of the 2018 Winter Olympics in Pyeongchang, attempting to sabotage networks with a worm. And now researchers have spotted Olympic Destroyer activity again, using the same probe and intrusion suite to focus on targets in Europe.
Olympic Destroyer's ultimate goal is to extract malicious documents designed to grant general access to compromised computers.
The attackers used a legitimate web server to run and manage the malware, using a popular content management system (CMS) called Joomla.
