Olympic Destroyer

GPTKB entity

Statements (38)
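| Predicate | Object |
|---|---|
| gptkbp:instanceOf | malware |
| gptkbp:alsoKnownAs | gptkb:OlympicDestroyer |
| gptkbp:analyzes | gptkb:Cisco_Talos |
| gptkbp:analyzes | gptkb:Microsoft |
| gptkbp:analyzes | gptkb:CrowdStrike |
| gptkbp:analyzes | gptkb:Kaspersky_Lab |
| gptkbp:attributedTo | unknown |
| gptkbp:category | cybercrime |
| gptkbp:category | malware campaign |
| gptkbp:consequence | caused delays in event operations |
| gptkbp:consequence | disabled Wi-Fi and website access at the Olympics |
| gptkbp:consequence | disrupted IT systems at 2018 Winter Olympics |
| gptkbp:discoveredBy | 2018 |
| https://www.w3.org/2000/01/rdf-schema#label | Olympic Destroyer |
| gptkbp:notableFeature | contained code fragments from multiple APT groups |
| gptkbp:notableFeature | used false flags to mislead attribution |
| gptkbp:notableFeature | used legitimate tools for lateral movement |
| gptkbp:payload | credential harvesting |
| gptkbp:payload | file deletion |
| gptkbp:payload | service disruption |
| gptkbp:publicDisclosure | February 2018 |
| gptkbp:spreadTo | credential theft |
| gptkbp:spreadTo | lateral movement |
| gptkbp:spreadTo | network propagation |
| gptkbp:suspectedAttribution | gptkb:APT3 |
| gptkbp:suspectedAttribution | gptkb:Sandworm_Team |
| gptkbp:suspectedAttribution | gptkb:Lazarus_Group |
| gptkbp:suspectedAttribution | gptkb:APT28 |
| gptkbp:target | gptkb:Pyeongchang,_South_Korea |
| gptkbp:targetedEvent | gptkb:2018_Winter_Olympics |
| gptkbp:targetedOrganizations | gptkb:Olympic_event_organizers |
| gptkbp:targetedOrganizations | Olympic IT providers |
| gptkbp:targetedOrganizations | Olympic partners |
| gptkbp:usesMalware | wiper |
| gptkbp:usesMalware | worm |
| gptkbp:usesMalware | destructive malware |
| gptkbp:bfsParent | gptkb:TA-94 |
| gptkbp:bfsLayer | 5 |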