Olympic Vision is an advanced threat that can steal key strokes, clipboard data, and user credentials.Cyber-criminal groups are using a combination of BEC (Business Email Compromise) scams and advanced keyloggers to target, scan, and steal data from 18 countries around the world.
At the core of this attack is a new malware family with keylogging and info-stealing capabilities, which the Trend Micro researchers have named Olympic Vision.
Available on the Dark Web for as much as $25 (€22), this keylogger can do a lot of things, such as log key strokes, record and steal data from the clipboard, take desktop screenshots, and extract passwords from browsers, email, and FTP clients.
Olympic Vision is spread around via BEC scams
To spread it around, the criminals were launching precise email campaigns aimed at key employees inside their targeted companies.
Known as BEC scams, and sometimes as whaling attacks or CEO fraud, these emails are crafted to look like they’re coming from a business partner or another company employee.
Each email had a file attached, and in this particular campaign, it was the Olympic Vision keylogger, which would execute, collect data, and send it to the attacker.
The criminals would then sift through the logs and decide what company computer to attack, based on the data they stole from each, separating uninteresting workstations from the ones sitting on some manager’s desk or the company’s financial department.
Campaign targeted European, North American, and Asian companies
Targeted countries were spread equally around the globe, with attackers having hit China, India, Indonesia, Malaysia, Thailand, Canada, United States, Germany, Iran, Iraq, Netherlands, Qatar, Saudi Arabia, Slovakia, Spain, United Arab Emirates, United Kingdom, and Zimbabwe.
This is not the first time keyloggers have been used together with BEC scams, with Trend Micro having previously reported on other threats such as Predator Pain, Limitless, and HawkEye.
According to Mimecast, a cyber-security vendor specialized in email security, BEC scams rose 55% in 2015 compared to the previous year.