New wiper malware using Tokyo Olympic-themed documents as a disguise has been discovered. Researchers have analyzed the malware’s obfuscation techniques and specific targeting of files created using Japanese word processors, which likely indicate that Japanese organizations are at risk, although no targeted organizations have been confirmed. Wiper attacks are typically attributed to nation-state−associated threat groups; however, this attack had little impact and the malware’s code was not technically sophisticated, making the involvement of a nation-state less likely. Ongoing backlash in Japan towards the Olympics makes it realistically possible that a domestic threat actor is responsible. Attribution remains unconfirmed, but this incident demonstrates the varied nature of cyber activity towards Olympic events that often brings various cyber-threat activities to the fore.
Most Recent Flipbooks
Success of UK security bill depends on Internet of Things users
The well-established “Mozi” peer-to-peer (P2P) botnet has developed new persistence capabilities.
A configurable, malicious Traffic Direction System (TDS) has been enabling widespread malware attacks.
A years-long reconnaissance campaign against an employee of a US aerospace defense company was discovered and attributed to “TA456”, an Iranian state-backed advanced persistent threat (APT) group.
The new “BlackMatter”, “Haron”, and “El_Cometa” ransomware groups, which surfaced in the past three weeks, bear significant similarities to ransomware groups that disappeared last month