Brandefense Academy
Your trusted hub for learning, developing, and mastering the skills that shape tomorrow's digital defense.
Discover Now Your trusted hub for learning, developing, and mastering the skills that shape tomorrow's digital defense.
Discover NowJUNE 14, 2024
The 2024 Paris Olympics will be held from July 26 to August 11, bringing together millions of sports fans from around the world. This grand event is not only a major attraction for athletes and spectators but also a significant target for cybercriminals. Cyber attacks can pose serious threats at every stage, from ticket sales to the execution of events.
Large-scale events often attract the attention of cyber attackers, and the Paris 2024 Olympics are no exception. Cybersecurity is of vital importance for both organizers and participants. Measures taken to ensure the seamless and secure execution of events play a critical role.
The Olympics bring numerous cybersecurity challenges due to significant media attention and the large number of participants. These challenges include managing high traffic that can overload websites and services, the need to protect a wide range of personal data, and ensuring the security of various digital platforms. The potential cyber threats that may be encountered during this process include:
In this section, we will present our team’s findings from the dark web analysis related to the Paris 2024 Olympics. During our analysis, we identified potential security threats, fake ticket sales, and fraudulent activities associated with the event.
The dark web is a common platform for selling counterfeit Olympic tickets and merchandise. Cybercriminals use these platforms to sell fake tickets and replicas of official products, attempting to make significant profits. Such scams can lead to financial losses for users and prevent them from attending the events. To avoid falling victim to cyber activities or financial losses, sports fans and participants are advised to purchase tickets exclusively through the official event page at olympics.com.
In February 2024, a post titled “Paris2024 Olympics Hacked!” was detected on an underground forum. Upon investigation, it was observed that this post was made by a threat actor originating from Turkey. The content of the post was also announced on the same threat actor’s social media account.
Sales on the dark web are typically conducted through anonymous marketplaces and forums. Cybercriminals accept payments in cryptocurrencies to maintain anonymity and avoid detection. These platforms also offer phishing kits, fake website templates, and other cyber-attack tools.
Phishing attacks are a common method used to deceive users into revealing personal information. For example, a fake email might instruct users to click a link to complete a ticket purchase. These attacks aim to steal users’ credentials and payment information.
One example is the site https://paris2024token.com, which appears to be a phishing page created to sell tokens related to the Paris 2024 Olympics. Such fake websites pose as services offered by the official Olympic Committee, deceiving users and drawing them into fraudulent activities. Users who enter their personal and payment information on these sites risk significant losses. These fake sites often exploit the popularity of cryptocurrencies, convincing people to invest and thereby enabling cybercriminals to collect substantial amounts of money.
Similarly, the website https://www.paris2024fantoken.com also appears suspicious. This site might be designed to attract sports fans and prompt them to transfer money to purchase tokens.
In addition to domains related to the Paris 2024 Olympics that have been parked by registrar companies to conduct phishing activities, multiple related domains that initiated phishing activities and were subsequently detected and shut down by authorities have been identified.
Multiple accounts impersonating the official Twitter account of the Paris 2024 Olympic organizing committee, Paris2024.org, have been detected. While some of these accounts are not yet active, others are posting about cryptocurrency or token sales related to the Olympics. These fake accounts aim to mislead users into participating in fraudulent token sales.
Such fake accounts and websites often use designs that closely resemble official accounts and sites, gaining users’ trust and carrying out fraudulent activities.
Cybercriminals can deceive users by creating fake mobile applications. These apps may appear to be associated with the official Olympic organization but can collect users’ personal information or infect devices with malware.
One of the most serious threats during the Paris 2024 Olympics could be data breaches. The Brandefense Botnet database has revealed botnet data leaks for the domains Paris2024.org and Olympics.com. These botnet data leaks include login credentials of users or customers registered on the platform, as well as login credentials of organization employees.
Botnet data leaks collect large-scale user information and put it up for sale on the black market. This situation can lead to users being exposed to identity theft, experiencing financial losses, and even paving the way for larger-scale cyber attacks.
The Paris 2024 Olympics could be under significant cybersecurity threats. Fake ticket sales, phishing attacks, DDoS attacks, and mobile security threats can jeopardize the safety of both organizers and participants. Therefore, implementing robust cybersecurity measures before and during the event is of critical importance.
To ensure the secure execution of the Olympics, the following measures should be taken:
These measures will contribute to the secure and successful execution of the Paris 2024 Olympics.
Take control of your digital security with an exclusive demo of our powerful threat management platform.
