The 2020 Tokyo Olympics have already been postponed due to the pandemic. Instead of taking place in 2020 as the name suggests, they are taking place in 2021. Despite starting to take place, new fears are rising as the Olympics are now facing the threat of CyberAttacks.
A Japanese government official reported by Kyodo News has said that threat actors had gathered user data and released it on the dark web. The Tokyo-based news agency reported that data from the Olympics' ticket site had been stolen, including user IDs and passwords.
The public figure considered the detrimental impact that the data leak may have on victims. Cybercriminals would be able to gather the names, addresses, and financial information of ticket bookers as a result of such a data breach.
According to an anonymous source, hackers used the RedLine virus and other sorts of stealers to penetrate the ticketing platform. Threat actors wanting to commit cybercrime frequently sell RedLine Stealer on the dark web.
The tool steals a variety of information types from web browsers, including stored passwords, information set for autocomplete, and financial data. It is available as a standalone version or as a subscription.
The RedLine virus is also said to include a capability that allows it to do an inventory of an infected machine. It may analyze important facts like system setup, security software, and location data using this method.
It's worth noting that newer versions of the harmful software allows cybercriminals to steal crypto. RedLine's ability to upload and download documents, execute instructions, and provide scheduled information to an operator about the infected machine complements this capability.
The announcement followed the Federal Bureau of Investigations' (FBI) private industry notice. The notice warned companies collaborating with the Tokyo Olympics 2020 to prepare for a surge of damaging cyber incidents.
The law enforcement agency cautioned different organizations. They were all notified of the possibility of of DDoS, ransomware, phishing, and social engineering attacks by threat actors trying to profit from the event. Russian threat actors deployed the OlympicDestroyer virus to gain access and destroy web servers during the opening ceremony of the 2018 Winter Olympics in February.
Aside from that, there have been contradictory claims regarding the true concerns underlying recent reports of a possible data breach. A lot of commenters quickly shot down the Japanese government official's allegations, dismissing the likelihood of a data leak.
A Twitter user named pancak3 made a post claiming that there are no dark web forums, implying that there is a data leak. Essentially, the user claimed that the placement of user data on dark web platforms may suggest that a lot of users were likely harmed by dark web market information thieves.
Importantly, a spokesman for the Tokyo 2020 International Communications Team refuted the accusations made by the Kyodo News source whenspeaking with ZDNet. The team's official acknowledged the possibility of a cyber attack, but insisted that it was not a data breach from the Tokyo Olympics 2020 system.
The spokesman went on to say that the team is presently in contact with government authorities and other relevant organizations about the situation, and that they have already put in place procedures to mitigate possible dangers, such as password resets to prevent widespread harm.
Although the Tokyo 2020 system may not have been hacked, the official's remark highlights the strong likelihood that some user data has been accessible to unauthorized parties. It's very possible that a number of individuals have been unwittingly exposed to hackers trying to exploit stolen information in illegal operations. More information is expected to surface.