Olympic Destroyer malware

GPTKB entity

Statements (34)
Predicate Object
gptkbp:instanceOf malware
gptkbp:attributedTo unknown
gptkbp:consequence disrupted IT systems at 2018 Winter Olympics
interrupted ticketing operations
disabled Wi-Fi and website access at Olympic venues
gptkbp:discoveredBy gptkb:Cisco_Talos
gptkb:CrowdStrike
gptkb:Kaspersky_Lab
2018
https://www.w3.org/2000/01/rdf-schema#label Olympic Destroyer malware
gptkbp:notableEvent gptkb:2018_Winter_Olympics_cyberattack
gptkbp:notableFeature false flag techniques
code similarities to multiple APT groups
gptkbp:payload credential theft
file deletion
network disruption
gptkbp:platform gptkb:Microsoft_Windows
gptkbp:spreadTo credential harvesting
lateral movement via network
use of legitimate tools (PsExec, WMI)
gptkbp:suspectedAttribution gptkb:China
gptkb:North_Korea
gptkb:Russia
gptkbp:target gptkb:Pyeongchang,_South_Korea
gptkbp:targetedEvent gptkb:2018_Winter_Olympics
gptkbp:technique network propagation
credential dumping
data wiping
gptkbp:usesMalware wiper
worm
destructive malware
gptkbp:bfsParent gptkb:2018_Winter_Olympics_cyberattack
gptkb:Olympic_Destroyer_campaign
gptkbp:bfsLayer 6