Olympic Destroyer, alleged artifacts and false flag make attribution impossible

By Pierluigi Paganini


According to Kaspersky Lab, threat actors behind the recent Olympic Destroyer attack planted sophisticated false flags inside their malicious code.

On February 9, shortly before the Pyeongchang opening ceremonies on Friday, televisions at the main press centre, Wi-Fi at the Olympic Stadium and the official website were taken down.

Hackers used the so-called Olympic Destroyer, a strain of malware that allowed the attackers to wipe files and make systems inoperable.

Experts discovered that the malware leverages the EternalRomance NSA exploit to spread via the SMB protocol.

Initially, experts blamed North Korea for the attack; later, intelligence officers attributed the cyber attack to …

Via: Security Affairs