Concerned about recent PAN-OS and other firewall/VPN CVEs? Take advantage of Zscaler’s special offer today

Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Security Research

Fake Vancouver Winter Olympic Videos Spreading Malware

February 12, 2010 - 2 min read

It certainly didn't take attackers long to take advantage of the Olympic Winter Games, which began today in Vancouver. Within minutes of the completion of the opening ceremonies, Twitter messages were appearing from an account called gamesvancouver. The shortened URL displayed promises footage of the opening ceremonies but instead redirects users to a page that is effectively a mirror image of the official web page for the 2010 Vancouver Olympics. Upon closer inspection, however, it can be seen that the domain name used by the site is a slight misspelling of the official site, replacing a 'u' for an 'n' in the domain name.

The attackers are using a common technique of social engineering victims into downloading a fake codec for Flash, which the site states is necessary in order to view the requested video. In reality, the victim is downloading and installing a Windows executable which contains a Trojan/Downloader. The malicious file is currently detected by only 11 of 41 anti-virus vendors (VirusTotal results). Given the popularity of the Winter Olympics, it is not surprising that attackers are taking advantage of the event to spread malware. It is however concerning that most anti-virus vendors are unable to address this particular threat. Given the authentic nature of the attack site, lack of anti-virus signatures, use of Twitter to advertise the campaign and timing of the attack, it is reasonable to assume that it will succeed in achieving its goal of infecting numerous machines.
Enjoy the Olympics, but be careful where you click!
- michael
form submtited
Thank you for reading

Was this post useful?

dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.