
Last year, hackers attacked the National Games of China

Avast analysts said that in the fall of 2021, unknown people attacked the IT infrastructure of the National Games of China a few days before the start of the competition. The competition, modeled after the rules of the Olympic Games but accepting only Chinese athletes, is the largest and most comprehensive sporting event in China.

In 2021, the Chinese-only event was held in September in the city of Shaanxi. Avast says that about 12 days before the start of the competition, unknown attackers gained access to a public server and SQL database belonging to the organizers of the event, and also planted web shells in order to retain access to the systems in the future.

“Having gained access, the attackers tried to move into the network using exploits and automated brute-force services,” the experts write.

To move laterally across the network, the attackers used a framework written in the Go language, which had dedicated plugins for a number of known vulnerabilities.

Avast says it learned about the incident from an incident report found by researchers on VirusTotal, which contained details about one of the exploited vulnerabilities. Shortly before that, one of the company’s analysts had discovered a malware sample with a strange extension, which was the initial impetus for starting an investigation.

“Attached to the report on VirusTotal were access logs from the web-server and SQL database. By analyzing these logs, we gathered initial information about the attack. These logs only include request path, and sadly do not reveal content of POST requests much needed to fully understand what commands attackers sent to their web shells, but even with this limited information we were able to outline the attack and determine the initial point of intrusion with moderate confidence,” Avast experts say.
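The kind of triage this quote describes still works when only request paths are logged: script paths that answer POSTs, are never fetched with GET, and are used by very few clients stand out as web shell candidates, and their first-seen time helps date the intrusion. The sketch below is an added example, not Avast's tooling or code from the original article; the log lines, paths, IP addresses and the `max_clients` threshold are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in Common Log Format; IPs, paths and times are invented.
SAMPLE_LOG = """\
198.51.100.10 - - [01/Sep/2021:09:00:01 +0800] "GET /index.jsp HTTP/1.1" 200 5120
198.51.100.11 - - [01/Sep/2021:09:00:05 +0800] "GET /login.jsp HTTP/1.1" 200 2048
198.51.100.11 - - [01/Sep/2021:09:00:09 +0800] "POST /login.jsp HTTP/1.1" 200 310
192.0.2.44 - - [02/Sep/2021:11:30:00 +0800] "POST /api/submit HTTP/1.1" 200 64
203.0.113.7 - - [03/Sep/2021:02:14:38 +0800] "POST /admin/x.jsp HTTP/1.1" 404 0
203.0.113.7 - - [03/Sep/2021:02:14:40 +0800] "POST /static/img/cache.jsp HTTP/1.1" 200 88
203.0.113.7 - - [03/Sep/2021:02:15:02 +0800] "POST /static/img/cache.jsp?a=1 HTTP/1.1" 200 912
203.0.113.7 - - [04/Sep/2021:23:51:19 +0800] "POST /static/img/cache.jsp HTTP/1.1" 200 4096
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
SCRIPT_EXT = (".jsp", ".jspx", ".php", ".aspx", ".asp")


def find_shell_candidates(log_text, max_clients=2):
    """Return (first_seen, path, clients, post_count) for POST-only script paths."""
    stats = defaultdict(lambda: {"GET": 0, "POST": 0, "clients": set(), "first": None})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not m["status"].startswith("2"):
            continue  # unparsable line or failed request (e.g. probing that hit a 404)
        path = m["path"].split("?", 1)[0]  # group requests regardless of query string
        if not path.lower().endswith(SCRIPT_EXT):
            continue  # only server-side script paths can be web shells
        s = stats[path]
        if m["method"] in ("GET", "POST"):
            s[m["method"]] += 1
        s["clients"].add(m["ip"])
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        s["first"] = ts if s["first"] is None else min(s["first"], ts)
    hits = []
    for path, s in stats.items():
        # Legitimate pages are normally loaded with GET before a form is POSTed.
        if s["POST"] > 0 and s["GET"] == 0 and len(s["clients"]) <= max_clients:
            hits.append((s["first"], path, sorted(s["clients"]), s["POST"]))
    return sorted(hits)
```

Candidates are leads for review, not verdicts: API endpoints that only accept POST will match too, so the result should be compared against the deployed application's known file list.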

At the same time, according to the company, the Chinese side managed to cope with the attack even before the start of the competition.

The company said it could not determine exactly what information the hackers stole, but “there is reason to believe that [the attackers] are either native Chinese speakers or demonstrate good command of Chinese.”

Let me remind you that we wrote that Mandatory My 2022 App Endangers Beijing Olympics Competitors, and also that US authorities accused six Russians of NotPetya, KillDisk and OlympicDestroyer attacks.


Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.
