Hackers have crashed the Winter Olympics, apparently by using destructive malware.
Researchers Say Destructive Wiper Dubbed 'Olympic Destroyer' Hits Pyeonchang.
"There was a cyberattack and the server was updated yesterday during the day and we have the cause of the problem," Pyeongchang 2018 spokesman Sung Baik-you told reporters on Sunday, adding that attempted disruptions were not unusual during the Olympic Games.
"We are not going to reveal the source," he said. "We are taking secure operations and, in line with best practice, we're not going to comment on the issue because it is an issue that we are dealing with."
They say the malware is designed to delete shadow copies in Windows and to spread via PsExec (psexec.exe) and Windows Management Instrumentation (wmic.exe), which are legitimate tools built into Windows. Such functionality has been seen with both the NotPetya and BadRabbit attacks (see Teardown of 'NotPetya' Malware: Here's What We Know).
On Friday, shortly before the opening ceremonies of the Olympic Winter Games in South Korea, the official Pyeongchang 2018 site stopped working, leaving attendees unable to print tickets. In addition, the WiFi in Pyeonchang Olympic stadium stopped working, as did televisions and internet access in the main press center, the Guardian first reported. It said the website wasn't restored until 12 hours later, on Saturday morning. "We can confirm that the technology issues experienced on Friday night were caused by a cyberattack," a spokesman for the International Olympic Committee tells Information Security Media Group. "The situation was quickly dealt with and as result, all systems have remained stable and no competitions were ever affected. They continue to run smoothly."