While the details are mostly unknown, McAfee Advanced Threat Research senior analyst Ryan Sherstobitoff said his teams found a new variant of the malicious documents targeting the Winter Games a few days prior to the opening ceremonies.
“The new document contained the same metadata properties as those related to Operation GoldDragon, and sought to gain persistence on systems owned by organisations involved with the Winter Games,” Sherstobitoff said in a statement.
“It is clear attacks are ongoing and are likely to continue throughout the duration of the games. What is yet to be determined is if actors are working simply to gain disruption, or if their motives are greater.”
This is additional information after McAfee Labs reported last month about unconvering a major campaign targeting the PyeongChang Winter Olympics and related organizations. There is likely more to the story, to include which group may be responsible for the operation.
Disclaimer: I work for McAfee.