Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Security Research

Fake Vancouver Winter Olympic Videos Spreading Malware

February 12, 2010 - 2 min read

It certainly didn't take attackers long to take advantage of the Olympic Winter Games, which began today in Vancouver. Within minutes of the completion of the opening ceremonies, Twitter messages were appearing from an account called gamesvancouver. The shortened URL displayed promises footage of the opening ceremonies but instead redirects users to a page that is effectively a mirror image of the official web page for the 2010 Vancouver Olympics. Upon closer inspection, however, it can be seen that the domain name used by the site is a slight misspelling of the official site, replacing a 'u' for an 'n' in the vancouver2010.com domain name.

The attackers are using a common technique of social engineering victims into downloading a fake codec for Flash, which the site states is necessary in order to view the requested video. In reality, the victim is downloading and installing a Windows executable which contains a Trojan/Downloader. The malicious file is currently detected by only 11 of 41 anti-virus vendors (VirusTotal results). Given the popularity of the Winter Olympics, it is not surprising that attackers are taking advantage of the event to spread malware. It is however concerning that most anti-virus vendors are unable to address this particular threat. Given the authentic nature of the attack site, lack of anti-virus signatures, use of Twitter to advertise the campaign and timing of the attack, it is reasonable to assume that it will succeed in achieving its goal of infecting numerous machines.
Enjoy the Olympics, but be careful where you click!
- michael

Explore more Zscaler blogs

A cyber criminal shopping for malware
Agniane Stealer: Dark Web’s Crypto Threat
Read Post
Business people walking through a city
The Impact of the SEC’s New Cybersecurity Policies
Read Post
Digital cloud illuminated in blue
Security Advisory: Remote Code Execution Vulnerability (CVE-2023-3519)
Read Post
The TOITOIN Trojan: Analyzing a New Multi-Stage Attack Targeting LATAM Region
Read Post
01 / 02
dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.