A fileless malware campaign was discovered targeting organizations associated with the upcoming 2018 winter Olympics being held in Pyeongchang, South Korea, report analysts at McAfee Advanced Threat Research. An unknown nation-state attacker is likely responsible.
The campaign’s primary target was email@example.com with 337 South Korean organizations included on the BCC line. Most targets had some involvement in the Olympics, either in providing infrastructure or playing another supporting role.
This attack arrived as a spearphishing email containing a malicious Word attachment with the original file name “Organized by Ministry of Agriculture and Forestry and Pyeongchang Winter Olympics” (translated from Korean). Emails began on Dec. 22, 2017 with the most recent activity appearing on Dec. 28, when messages were sent from an IP address in Singapore.
Read more about the fileless malware campaign targetting more than 300 organizations associated with the 2018 Olympics on DarkReading.