Threat Intelligence ReportEclecticIQ Fusion Center Report: Russian Hacking Group Fancy Bear Prepares to Attack Winter Olympics, U.S. Senate (English)

The hacking group Threat Actor: Fancy Bears Hack Team, which is heavily linked to the Russian government, appears to be preparing to disrupt the 2018 Winter Olympics in South Korea.

Report from EclecticIQ Fusion Center from Tuesday 13 February 2018.

Key Findings:

  • The Fancy Bear Hack Team's Twitter account first announced potential activity against the 2018 Olympics on January 10th
  • Security experts have found that the group, known as Intrusion Set: APT28, Fancy Bear or Pawn Storm, recently registered numerous malicious domains
  • Some of these domains mimic legitimate properties related to the 2018 Olympic Games
  • Spear-phishing emails were sent to several professional winter sporting organizations, including the International Ski Federation, International Ice Hockey Federation
  • APT28 remains interested in hacking individuals involved with the U.S. Senate, as they have also registered a variety of rogue U.S. Senate websites
  • Identified bitcoin-dns.hosting Nameservers, in which similar network infrastructure was identified in the APT28 DNC Hack

Download Resource

Download report and STIX entities See other resources