News

Last year, hackers attacked the National Games of China

Avast analysts said that in the fall of 2021, unknown people attacked the IT infrastructure of the National Games of China a few days before the start of the competition. The competition, modeled after the rules of the Olympic Games but accepting only Chinese athletes, is the largest and most comprehensive sporting event in China.

In 2021, the Chinese-only event was held in September in the city of Shaanxi. Avast says that about 12 days before the start of the competition, unknown attackers gained access to a public server and SQL database belonging to the organizers of the event, and also implemented web shells in order to gain access to the systems in the future.
Having gained access, the attackers tried to move into the network using exploits and automated brute-force services.the experts write.

To move sideways across the network, the attackers used a framework written in the Go language, which had special plugins for a number of known vulnerabilities.

Avast says it learned about the incident from an incident report found by researchers on VirusTotal, which contained details about one of the exploited vulnerabilities. Also, shortly before that, one of the company’s analysts discovered a malware with a strange extension, which was the initial impetus for starting an investigation.

Attached to the report on VirusTotal were access logs from the web-server and SQL database. By analyzing these logs, we gathered initial information about the attack. These logs only include request path, and sadly do not reveal content of POST requests much needed to fully understand what commands attackers sent to their web shells, but even with this limited information we were able to outline the attack and determine the initial point of intrusion with moderate confidence.Avast experts say.

At the same time, according to the company, the Chinese side managed to cope with the attack even before the start of the competition.

The company said it could not determine exactly what information the hackers stole, but “there is reason to believe that [the attackers] are either native Chinese speakers or demonstrate good command of Chinese.”

Let me remind you that we wrote that Mandatory My 2022 App Endangers Beijing Olympics Competitors, as well as US authorities accused six Russians of NotPetya, KillDisk and OlympicDestroyer attacks.

Add rating
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Related Posts

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Leave a Comment
Share
Published by
Daniel Zimmermann
Tags: AvastKillDiskNational Games of ChinaNotPetyaOlympicDestroyerVirusTotal
3 years ago

Recent Posts

Remove Starcat Virus (.starcat Files Ransomware)

Starcat - General Info Starcat mean a ransomware-type infection. Starcat was elaborated particularly to encrypt…

14 hours ago

Remove PetyaX Virus (.petyax Files Ransomware)

PetyaX - Ransomware PetyaX stands for a ransomware-type infection. PetyaX was elaborated specifically to encrypt…

16 hours ago

Remove Fripolonishnity.co.in pop-up ads (Virus Removal Guide)

Fripolonishnity.co.in is a domain that tries to force you into subscribing to its browser notifications…

22 hours ago

Remove Hotbpekare.today pop-up ads (Virus Removal Guide)

Hotbpekare.today is a site that tries to force you into clik to its browser notifications…

1 day ago

Remove Hotbpatosu.today pop-up ads (Virus Removal Guide)

Hotbpatosu.today is a domain that tries to force you into clik to its browser notifications…

1 day ago

Remove Hotbpujiju.today pop-up ads (Virus Removal Guide)

Hotbpujiju.today is a site that tries to force you into subscribing to its browser notifications…

1 day ago