Cyber Threats & Paris 2024 Olympics

Introduction

Overview of the Paris 2024 Olympics

The 2024 Paris Olympics will be held from July 26 to August 11, bringing together millions of sports fans from around the world. This grand event is not only a major attraction for athletes and spectators but also a significant target for cybercriminals. Cyber attacks can pose serious threats at every stage, from ticket sales to the execution of events.

Cybersecurity Awareness at Major Events

Large-scale events often attract the attention of cyber attackers, and the Paris 2024 Olympics are no exception. Cybersecurity is of vital importance for both organizers and participants. Measures taken to ensure the seamless and secure execution of events play a critical role.

Overview

Potential Cyber Threats

The Olympics bring numerous cybersecurity challenges due to significant media attention and the large number of participants. These challenges include managing high traffic that can overload websites and services, the need to protect a wide range of personal data, and ensuring the security of various digital platforms. The potential cyber threats that may be encountered during this process include:

  • Fake Ticket Sales: Fake websites and social media accounts selling counterfeit tickets.
  • Phishing Attacks: Creation of fake emails and websites to steal users’ personal and financial information.
  • DDoS Attacks: Making Olympic websites and services inaccessible.
  • Data Breaches: Compromising personal information of participants and spectators.
  • Mobile Security Threats: Deceiving users through fake mobile applications.

Dark Web Analysis

In this section, we will present our team’s findings from the dark web analysis related to the Paris 2024 Olympics. During our analysis, we identified potential security threats, fake ticket sales, and fraudulent activities associated with the event.

Fake Sales of Olympic Tickets and Merchandise

The dark web is a common platform for selling counterfeit Olympic tickets and merchandise. Cybercriminals use these platforms to sell fake tickets and replicas of official products, attempting to make significant profits. Such scams can lead to financial losses for users and prevent them from attending the events. To avoid falling victim to cyber activities or financial losses, sports fans and participants are advised to purchase tickets exclusively through the official event page at olympics.com.

Image 1: Official Organizer’s Warning Regarding Ticket Fraud
Image 2: Unofficial Ticket Sales Page

In February 2024, a post titled “Paris2024 Olympics Hacked!” was detected on an underground forum. Upon investigation, it was observed that this post was made by a threat actor originating from Turkey. The content of the post was also announced on the same threat actor’s social media account.

Image 3: Threat Actor’s Forum Post
Image 4: Threat Actor’s Social Media Post

Methods and Platforms Used by Cyber Attackers

Sales on the dark web are typically conducted through anonymous marketplaces and forums. Cybercriminals accept payments in cryptocurrencies to maintain anonymity and avoid detection. These platforms also offer phishing kits, fake website templates, and other cyber-attack tools.

Phishing and Social Engineering

Examples of Phishing Attacks

Phishing attacks are a common method used to deceive users into revealing personal information. For example, a fake email might instruct users to click a link to complete a ticket purchase. These attacks aim to steal users’ credentials and payment information.

Phishing Activities Specific to Paris 2024:

One example is the site https://paris2024token.com, which appears to be a phishing page created to sell tokens related to the Paris 2024 Olympics. Such fake websites pose as services offered by the official Olympic Committee, deceiving users and drawing them into fraudulent activities. Users who enter their personal and payment information on these sites risk significant losses. These fake sites often exploit the popularity of cryptocurrencies, convincing people to invest and thereby enabling cybercriminals to collect substantial amounts of money.

Image 5: A phishing page example was created to sell token

Similarly, the website https://www.paris2024fantoken.com also appears suspicious. This site might be designed to attract sports fans and prompt them to transfer money to purchase tokens.

Image 6: Another suspicious token website

In addition to domains related to the Paris 2024 Olympics that have been parked by registrar companies to conduct phishing activities, multiple related domains that initiated phishing activities and were subsequently detected and shut down by authorities have been identified.

Image 7: An example domain parked by Olympic officials to prevent phishing activities.
Image 8: Another example domain

Fake Accounts on Social Media

Multiple accounts impersonating the official Twitter account of the Paris 2024 Olympic organizing committee, Paris2024.org, have been detected. While some of these accounts are not yet active, others are posting about cryptocurrency or token sales related to the Olympics. These fake accounts aim to mislead users into participating in fraudulent token sales.

Such fake accounts and websites often use designs that closely resemble official accounts and sites, gaining users’ trust and carrying out fraudulent activities.

Suspicious Accounts Targeting Crypto Token Sales
Some Accounts Impersonating the Official Paris 2024 Twitter Account

Mobile Security Threats

Fake Mobile Applications

Cybercriminals can deceive users by creating fake mobile applications. These apps may appear to be associated with the official Olympic organization but can collect users’ personal information or infect devices with malware.

Threats to Mobile Devices and Ways to Protect Against Them

  • Download from Trusted Sources: Users should only download apps from official app stores.
  • Check App Permissions: Carefully review what information the installed apps are requesting access to.
  • Mobile Security Software: Security software designed for mobile devices can help detect malicious applications.

Data Breaches

Botnet Data Leaks

One of the most serious threats during the Paris 2024 Olympics could be data breaches. The Brandefense Botnet database has revealed botnet data leaks for the domains Paris2024.org and Olympics.com. These botnet data leaks include login credentials of users or customers registered on the platform, as well as login credentials of organization employees.

Image 15: 2024 Olympics-related botnet logs from the Brandefense Platform

Botnet data leaks collect large-scale user information and put it up for sale on the black market. This situation can lead to users being exposed to identity theft, experiencing financial losses, and even paving the way for larger-scale cyber attacks.

Conclusion and Recommendations

Summary

The Paris 2024 Olympics could be under significant cybersecurity threats. Fake ticket sales, phishing attacks, DDoS attacks, and mobile security threats can jeopardize the safety of both organizers and participants. Therefore, implementing robust cybersecurity measures before and during the event is of critical importance.

Important Cybersecurity Measures for Paris 2024

To ensure the secure execution of the Olympics, the following measures should be taken:

  • Comprehensive Training and Awareness Programs: Participants and users should be educated about cyber threats.
  • Strong Security Systems: Websites and infrastructures should be protected with advanced security software and hardware.
  • Continuous Monitoring and Analysis: Cybersecurity teams should constantly monitor potential threats and respond quickly.
  • Two-Factor Authentication: Two-factor authentication should be mandatory for all user accounts.

These measures will contribute to the secure and successful execution of the Paris 2024 Olympics.

Share This: