Spammers Launching Attacks on FIFA World Cup Soccer Fans, IBM Warns

Today’s topics include IBM warning that spammers are going after FIFA World Cup fans, and Intel warning of a new security vulnerability impacting some of its processors.

IBM's X-Force has been tracking spammers targeting followers of this year’s FIFA World Cup, which runs from June 14 to July 15 in Russia, and has already seen multiple types of email scams, spam and phishing attacks launched against unsuspecting fans, including fake notifications for prize winnings linked to FIFA sponsors as well as fake product sales.

IBM claims 65 percent of such spam has been sent from IP addresses hosted in the United States, while 23 percent has come from Italy and the remaining 12 percent from other countries.

Dirk Harz, a researcher at IBM X-Force, said that a lot of the spam activity occurred at the beginning of April and the end of May, with volume tapering off in June. However, World Cup-related spam could increase significantly if a larger botnet decides to pick up on World Cup-themed spam, he added.  

Intel publicly disclosed on June 13 a new security vulnerability that impacts some of its processors. The flaw is known as a "Lazy FP state restore" issue and is related in nature to the Meltdown and Spectre speculative execution vulnerabilities disclosed on Jan. 3.

"System software may utilize the Lazy FP state restore technique to delay the restoring of state until an instruction operating on that state is actually executed by the new process," Intel warned in its advisory.

From a virtualization context, the Lazy restore issue can potentially impact virtual machine deployments, including the open-source Xen hypervisor. The Xen project has already released patches to deal with the issue.