Chinese Hackers Leverage World-Cup Buzz

On May 14th we brought you a report regarding hacktivists threatening to wage cyber attacks against the Brazilian government and FIFA. This time, we are publishing yet another World-Cup-related post, but from a slightly different angle.

China, the world’s most populous country, is also the world’s leader in terms of number of cellphone users. The smartphone revolution did not skip China, and oh boy did it make an impact! Chinese people love their phones. No, Chinese people are obsessed with their phones might be a more precise choice of words.

As you probably know, Chinese cities are not small (quite an understatement!), and commute time has to be killed somehow. That’s why riding the subway in China, except for being overwhelmingly crowded at times, is also just the perfect timing for many passengers to indulge in intensive game-playing! While some prefer to fiercely ride a digital motorcycle, shoot intruding aliens, or grow vegetables in a farm, others have a liking for sports games, perhaps as a compensation for rotting in front of a computer desk all-day-long. The latter will inevitably come across a bundle of World-Cup related game apps available on all application markets.

Image

World-Cup is a buzz-word, no doubt about it, and as such, it attracts not only the gamers’ attention, but the hackers’ as well, and the Chinese hackers know their onions, all right. They leverage the buzz and try to con unwary mobile users into downloading and installing infected apps. The hackers use the “repacking” method – they download a legit and innocent game app, plant a malicious code within it, and upload it once again to the app market, or to a forum. The compromised app looks just the same – it has the same icon, its name is almost identical, and the user has virtually no way of noticing any abnormality after having it installed.

Actually, this is not the first time we see this method being practiced – Chinese hackers use just the same mischief whenever a national holiday is being celebrated, a major event (be it national or international) takes place, or just when some application garners a lot of popularity.

There is a famous story in China about a farmer in the Spring and Autumn Period (approx. 771 to 476 BC) who was working in the fields, when a rabbit was running by and suddenly dashed into a tree stump. The joyful farmer brought the dead rabbit home and cooked it for dinner exclaiming that there is no need for him to work any longer, as he can simply sit by that stump and wait for more rabbits to knock dead into it. This story gave birth to the idiom 守株待兔(literally “to watch the stump and wait for rabbits”) meaning “to trust chance and luck rather than go working”. The Chinese hackers who use this “repacking” method are just modern lazy farmers, patiently awaiting unlucky mobile-users to fall prey to their hands.

Even though this post is China-focused, it is important for you to bear in mind that this “repacking” method can be easily implemented anywhere. We urge you to download applications only from official sites and app-markets, and to install an antivirus on your mobile device.

Don’t be a rabbit!

And with all that being said, we wish safe-gaming to all World-Cup enthusiasts, and good luck to all participating countries!

Hackers are World Cup Fans

On May 12, 2014, an AnonGhost member and developer of the new AnonGhost DDoS tool, nicknamed Ali KM, created an event page on Facebook announcing a cyber-campaign against FIFA websites. #OpFIFA will take place between June 10 and 12, 2014.

It is worth mentioning that already in January 2014, hacktivists had created event pages on Facebook threatening to carry out cyberattacks against websites affiliated with the Brazilian Government (hosting the games) and FIFA.

According to Ali KM, the main reason for the #OpFIFA campaign is what they consider FIFA’s humiliating attitude towards Muslim teams. Thus far, approximately 100 Facebook users have joined the event and over 1,000 users have been invited.

Ali KM has promised that if the participants wage successful DDoS attacks against FIFA websites, he will provide them with free HD live streaming from his own servers during the World Cup games.

#OpFIFA Event Page on Facebook
#OpFIFA Event Page on Facebook

In a related matter, according to cyber security researchers, hackers use FIFA World Cup games to spread different malware. For example, a new backdoor was discovered in a file called Jsc Sport Live + Brazil World Cup 2014 HD.rar. The archive contains an executable file that creates a remote access, allowing hackers to gain full control of the victim’s computer. Hackers also spread a claimed key generator for cracking football games that actually run an adware on the victim’s computer.

World Cup games are also a useful platform for phishing attempts, such as the one spotted last year, claiming to provide a promotional offer for FIFA World Cup 2014, but which actually tried to steal credit card credentials and personal details of the victims. Security researchers recommend ignoring such links and files and keeping antivirus updated.

Have a great and malware-free World Cup!

Facebook Event against the World Cup in Brazil

A new trend has emerged – Hacktivist campaigns against high-profile sporting events.

Anonymous Caucasus, also known as “The Electronic Army of the Caucasus Emirate”, an Islamist hacker group, has already threatened to carry out cyber attacks before and during the Sochi 2014 Winter Olympic Games.

The next major sporting event is the World Cup, schedule to take place in June 2014 in Brazil. In recent days Anonymous hackers have launched cyber attacks against Brazilian government websites in protest against the 2014 World Cup.

The hacktivists have also created an event page on Facebook threatening that every Saturday until the beginning of the games on June 12, 2014, they will wage cyber attacks against different websites that are affiliated with the Brazilian government and FIFA, the international governing body of association football.

Thus far, hundreds of people have joined the event and the number of participants will most likely increase during the next months.

Facebook event against the 2014 World Cup
Facebook event against the 2014 World Cup