Russia hacked Olympic computers and routers but tried to frame North Korea

Faybert

U.S. officials said the “false-flag” operation conducted by the Russian GRU was supposed to make it look like North Korea did it.

Russian military hackers hacked hundreds of computers at the 2018 Winter Olympic Games, but tried to make it look like the hacks were conducted by North Korea, according to a report by The Washington Post.

U.S. officials clinging to anonymity told The Post the “false-flag” operation conducted by the Russian military agency GRU included obtaining access to hundreds of Olympic-related computers as well as routers in South Korea. The hacks are believed to be retaliation against the International Olympic Committee (IOC) for banning the Russian team from the Winter Games due to doping violations.

Citing an intelligence report, The Post said Russian military hackers had obtained access to “as many as 300 Olympic-related computers” by early February. Additionally, “GRU cyber-operators also hacked routers in South Korea last month and deployed new malware on the day the Olympics began.”
 

upnorth

Quote : " Evidence linking the Olympic Destroyer malware to a specific threat actor group is contradictory, and does not allow for unambiguous attribution. The threat actor responsible for the attack has purposefully included evidence to frustrate analysts and lead researchers to false attribution flags. This false attribution could embolden an adversary to deny an accusation, publicly citing evidence based upon false claims by unwitting third parties. Attribution, while headline grabbing, is difficult and not an exact science. This must force one to question purely software-based attribution going forward. "

" For the threat actors considered, there is no clear smoking gun indicating a guilty party with the evidence which we have available. Other security analysts and investigative bodies may have further evidence to which we do not have access. Organisations with additional evidence, such as signal intelligence or human intelligence sources which may provide significant clues to attribution, may be the least likely to share their insights so as not to betray the nature of their intelligence-gathering operation.

The attack which we believe Olympic Destroyer to have been associated with was clearly an audacious attack, almost certainly conducted by a threat actor with a certain level of sophistication who did not believe that they would be easily identified and held accountable. "

Full source : Cisco's Talos Intelligence Group Blog: Who Wasn’t Responsible for Olympic Destroyer?
 

ForgottenSeer 58943

Unless it was an American false flag to blame the Russians.

False flags and patsies: normal operations for numerous governments.

The US Govt. is a pro at those. It's literally how they conduct their year-to-year business. As a result, trust in the US Govt. is at epic lows among the American people. Nobody believes anything they say or do anymore, for the most part. Unless it's pajama people, and well, nothing will help them.
 

cruelsister

Ah, the boys in St Pete just LOVE comments like that! Initially sow the seeds of dissension and you'll never lack a harvest. Even better when others do the work for you...
 

ZeroDay

I'm from the UK and I wouldn't trust the UK or US government as far as I could throw them. I think Snowden proved without a doubt what lengths the US and UK governments are prepared to go to. Anyone still thinking things like this are all Russia, get your head out of the sand, because the US government has got you in the Cold War mindset.
 

ForgottenSeer 58943

Quote : " I'm from the UK and I wouldn't trust the UK or US government as far as I could throw them. I think Snowden proved without a doubt what lengths the US and UK governments are prepared to go to. Anyone still thinking things like this are all Russia, get your head out of the sand, because the US government has got you in the Cold War mindset. "

Snowden, the undisclosed Snowden-2, Vault Leaks, Wikileaks, other Whistleblowers and probably a whole bunch waiting to spring forth. Essentially, all of them taught people that those conspiracy nutters were right all along. They also affirmed much of our privacy/security procedures as being prudent measures in the age of surveillance gone wild. You'd think these intel cartels would have learned from all of this to not be so felonious, but no, business as usual.

A friend of mine in a smaller country informed me of something we should consider. He said the intelligence budget of his country is hundreds of thousands of times lower than US intel's, to the point that they really can't involve themselves in mass spying. It's much more limited and focused on actual spies from other countries more than on citizens. Whereas our virtually unlimited intelligence budget and hundreds of thousands of people employed in intel in this country (they are also supported by cryptocurrencies, which are intel-backed) means most of the world views the US intel cartels as the prime culprit for troublesome world activity and mass surveillance.

Companies are stuck between a rock and a hard place. They need to protect their customers, but they also need to answer to US legal requests. Their business could potentially suffer great losses if they are shown to be working with US intel and/or whitelisting state malware. Fortinet has been increasingly addressing state actors (including the US) with various technologies like Quantum Tampering Detection, NDDs and NRDs, and other things. If those 'sweep up' US spy tools and/or activity, then so be it, but customers must also be protected, and no security firm wants to be implicated in willfully compromising their customers!
 

Prorootect

Post deleted.

That's all we know.

 

ForgottenSeer 58943


He's right in that certain AV products have very close ties to US intelligence, and he rightfully mentions Trend Micro, which is joined at the hip with US intel, so close in fact that they share the same threat centers. The CIA literally works inside of Trend's threat center; the amount of public-domain or third-party intelligence they gather is astounding. I've heard rumors that ESET and Bitdefender work very closely with intelligence but don't have any specifics on that.
 

ZeroDay

Quote : " He's right in that certain AV products have very close ties to US intelligence, and he rightfully mentions Trend Micro, which is joined at the hip with US intel, so close in fact that they share the same threat centers. The CIA literally works inside of Trend's threat center; the amount of public-domain or third-party intelligence they gather is astounding. I've heard rumors that ESET and Bitdefender work very closely with intelligence but don't have any specifics on that. "
I also wonder how much info Comodo shares with the CIA etc. I wonder if there are any shell companies or similar on that Comodo whitelist, or if Comodo just gives them full access. What can Comodo do if they're based in the US and the intelligence agencies come knocking? Are they going to say no? I also found it very suspicious that when that "leaked document" showed how easily the CIA could bypass most security products, they specifically mentioned how hard Comodo was to bypass. I think that was a bit of reverse psychology. If the CIA say Comodo is hard to bypass, then let's all use it, because it must be really good protection if the CIA specifically mention it being hard to bypass. See what I mean? And Melih's privacy track record isn't great, is it? It was only a few years ago that he posted private emails between himself and someone at AV-Comparatives. I wouldn't trust him or his company as far as I could throw them. If Comodo are not in bed with US intelligence I will literally eat my hat.

I really do hope I'm wrong about Comodo, but I honestly don't think I am. I have no proof, obviously, but I'd be shocked if they didn't help US intelligence.
 

Mahesh Sudula

This is quite a regular activity, especially around the US and UK govts... You know what, when Kaspersky was blamed for sharing info with the Russian govt, which was outed by ISRAELI hackers... it's no surprise, since A-V vendors (mostly) would have a good lunch and dinner if they work closely with their govt (sharing threat data?? no one knows the exact reason).. Eugene himself agreed that there are times he has been approached by the Russian govt to cooperate with them and in turn reap its benefits..
Fingers crossed....:devil:.. Trend is NIA spyware.. but to me it doesn't matter if they watch me.. since I do nothing.... But to those who want to protect their privacy,
first look into the A-V vendor (origin).. before you try.. especially keep away from ALL THE FREEMIUM AV... because this is what they do to run their revenues (open secret) :coffee:
DR WEB is the only one whom I respect the most, after the German bros.. because he literally trashes those who come in their way and is always independent
 

ForgottenSeer 58943

Quote : " I also wonder how much info Comodo shares with the CIA etc. I wonder if there are any shell companies or similar on that Comodo whitelist, or if Comodo just gives them full access. What can Comodo do if they're based in the US and the intelligence agencies come knocking? Are they going to say no? I also found it very suspicious that when that "leaked document" showed how easily the CIA could bypass most security products, they specifically mentioned how hard Comodo was to bypass. I think that was a bit of reverse psychology. If the CIA say Comodo is hard to bypass, then let's all use it, because it must be really good protection if the CIA specifically mention it being hard to bypass. See what I mean? And Melih's privacy track record isn't great, is it? It was only a few years ago that he posted private emails between himself and someone at AV-Comparatives. I wouldn't trust him or his company as far as I could throw them. If Comodo are not in bed with US intelligence I will literally eat my hat.

I really do hope I'm wrong about Comodo, but I honestly don't think I am. I have no proof, obviously, but I'd be shocked if they didn't help US intelligence. "

Funny you mention this; I almost felt like they were promoting people to use Comodo using reverse psychology. It felt too contrived to be real. Often we see this happen in intelligence, where the information is seeded to create your reaction to a situation that results in the solution they want achieved. I've never felt inclined to trust Comodo, and Melih feels especially sleazy. When Kevin McAleavey got hosed by them and revealed that Comodo was a reverse-engineered hack of ESET, I sort of died inside a little, especially when Melih didn't deny it. To be honest, I don't believe for a minute Comodo is even remotely difficult for state actors to bypass, but that's my opinion.

When the whole 'you should use a VPN!!' rush began, we started seeing CIA/NSA/FBI front companies starting up VPN companies as honeypots to collect up privacy advocates for deep surveillance, often failing to totally mask their involvement, such as with WiTopia, which started operations in a CIA shared space in Reston, VA, among others. This was all before the Snowden revelations, by the way.
 

ZeroDay

Quote : " Funny you mention this; I almost felt like they were promoting people to use Comodo using reverse psychology. It felt too contrived to be real. Often we see this happen in intelligence, where the information is seeded to create your reaction to a situation that results in the solution they want achieved. I've never felt inclined to trust Comodo, and Melih feels especially sleazy. When Kevin McAleavey got hosed by them and revealed that Comodo was a reverse-engineered hack of ESET, I sort of died inside a little, especially when Melih didn't deny it. To be honest, I don't believe for a minute Comodo is even remotely difficult for state actors to bypass, but that's my opinion.

When the whole 'you should use a VPN!!' rush began, we started seeing CIA/NSA/FBI front companies starting up VPN companies as honeypots to collect up privacy advocates for deep surveillance, often failing to totally mask their involvement, such as with WiTopia, which started operations in a CIA shared space in Reston, VA, among others. This was all before the Snowden revelations, by the way. "
I'd say it was unbelievable but it's not. If MS gives intelligence agencies a free pass we're all stuffed. I am seriously considering going back to a Linux or BSD based OS full time.
 

ForgottenSeer 58943

Quote : " I'd say it was unbelievable but it's not. If MS gives intelligence agencies a free pass we're all stuffed. I am seriously considering going back to a Linux or BSD based OS full time. "

Already ahead of you, brother. My entire home infrastructure is primarily locked-down BSD, Debian Linux and ChromeOS, plus a few AndroidOS devices. The primary reason for this is security and privacy; they are all very, very quiet little friends. Also, since they are already quite heavily secured, it's trivial to add additional lockdowns, and once you place them behind a UTM/NGFW they become virtually bulletproof. There are only 3 actively used Windows systems in the home, maintained for gamers, and the security theater is still being played on all of those.

However, I do have the Windows Systems segregated by physical zones away from the primary network or other devices. That should tell you exactly how much I trust Windows - which is ZERO. I won't even give those Windows boxes user-space access to the UTM Admin. The only thing they can talk to on the local network is my DNS server and that's limited to the DNS protocol only, to a specific IP, with IDS DPI scanning of DNS traffic to ensure no DNS malformation activity.

One of the most paranoid guys I work with (and no, I am not that person) has gone back to using a locked rolodex on his desk at home for password storage. He constantly mumbles things like 'it's all broken, it's all compromised, we have no hope' as he wanders these hallowed halls.
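The DNS-only egress with IDS inspection of DNS traffic described in the post above rests on a structural check of the DNS wire format. The following is an added example written for this page, not the poster's own configuration or any IDS product's code; it assumes plain RFC 1035 UDP messages (no EDNS0) and uses constructed sample packets, rejecting truncation, over-long labels, forward or self-referencing compression pointers and trailing bytes.

```python
import struct

def _walk_name(msg: bytes, off: int) -> int:  # validate the name at `off`, return offset past it
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[off]
        if length == 0:                 # root label ends the name
            return off + 1
        if length & 0xC0 == 0xC0:       # 2-octet compression pointer
            if off + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            target = ((length & 0x3F) << 8) | msg[off + 1]
            if target >= off:           # must reference a prior occurrence, so no loops
                raise ValueError("forward or looping compression pointer")
            _walk_name(msg, target)     # the referenced name must itself be valid
            return off + 2
        if length > 63:                 # 0x40..0xBF are reserved label types
            raise ValueError("label longer than 63 octets or reserved label type")
        off += 1 + length

def validate_dns_message(msg: bytes) -> tuple[bool, str]:
    """Return (True, 'ok') for a well-formed message, else (False, reason)."""
    if len(msg) < 12:
        return False, "header shorter than 12 bytes"
    _ident, _flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    try:
        for _ in range(qd):             # question: QNAME, QTYPE, QCLASS
            off = _walk_name(msg, off)
            if off + 4 > len(msg):
                return False, "question truncated"
            off += 4
        for _ in range(an + ns + ar):   # RR: NAME, TYPE, CLASS, TTL, RDLENGTH, RDATA
            off = _walk_name(msg, off)
            if off + 10 > len(msg):
                return False, "resource record header truncated"
            off += 10 + struct.unpack("!H", msg[off + 8:off + 10])[0]
            if off > len(msg):
                return False, "RDATA runs past end of message"
    except ValueError as exc:
        return False, str(exc)
    return (True, "ok") if off == len(msg) else (False, "trailing bytes after last record")

# Constructed samples (not real captures): A query for example.com, a response using a pointer, a 64-octet label, a self-pointer
QUESTION = b"\x07example\x03com\x00\x00\x01\x00\x01"
QUERY = b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00" + QUESTION
RESPONSE = b"\x12\x34\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00" + QUESTION + b"\xc0\x0c\x00\x01\x00\x01\x00\x00\x0e\x10\x00\x04\x5d\xb8\xd8\x22"
BAD_LABEL = QUERY[:12] + b"\x40" + QUERY[13:]
POINTER_LOOP = QUERY[:12] + b"\xc0\x0c\x00\x01\x00\x01"
```

A rule that drops anything failing `validate_dns_message` before it leaves the Windows zone catches malformed traffic riding on port 53 without needing to understand the query itself.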
 
