Skip to main content

Fancy Bear hackers return to target sporting organizations

hacker targeting a PC
(Image credit: Shutterstock)
Audio player loading…

As the world prepares for the Tokyo Summer Games in 2020, Microsoft has announced that it has tracked significant cyberattacks targeting anti-doping authorities and global sporting organizations from a hacker group known as Fancy Bear or Strontium.

In a blog post (opens in new tab), the software giant revealed that the Microsoft Threat Intelligence Center has been carefully following the activity of the group which also goes by the name APT28.

According to Microsoft, at least 16 national and international sporting and anti-doping organizations across three continents were targeted in this latest round of cyberattacks which began on September 16. The attacks themselves occurred just before the news broke that the World Anti-Doping Agency was planning on taking further action ahead of next year's Summer Olympics.

While some of the attacks were successful, Microsoft has said that the majority were not and the company has notified all of the customers targeted in these attacks.

Return of Fancy Bear

Strontium or Fancy Bear if you prefer, is one of the world's oldest cyber espionage groups and it has also been called Sofancy and Pawn Storm by a number of security firms and government officials. According to the cybersecurity company Crowdstrike, the group could even be associated with the Russian military intelligence agency GRU.

In its blog post, Microsoft said that Fancy Bear was reportedly responsible for releasing medical records and emails obtained from sporting organizations and anti-doping officials in 2016 and 2018. These leaked documents led to an indictment in US federal court in 2018.

The methods employed in these most recent attacks were similar to those used by Fancy Bear to target governments, militaries, think tanks, human rights organizations, financial firms and universities all over the world.

Fancy Bear uses spear-phishing, password spray, exploiting internet-connected devices as well as open-source and custom malware to launch its attacks.

With the Tokyo Summer Games on the horizon, expect more attacks from the group and also from other hackers who wish to disrupt the event and prey on attendees.

Via Reuters (opens in new tab)

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.