As the ultimate contest for the world’s most popular sport, the Federation Internationale de Futbol Association (FIFA) World Cup attracts billions of viewers during the month the tournament runs.
Little wonder, then, that the contest also attracts cyber-criminals and online protesters as well. Since early June, fraudsters have expanded their use of the World Cup as a lure in phishing emails and online scams, attempting to persuade users to click on malicious links, according to security firms.
Citizen protests over the enormous spending—including more than $3.6 billion in taxpayer money—by the Brazilian government on stadiums and infrastructure required to host the games have attracted online denial-of-service attacks and Web site defacements.
Hackers linked to the Anonymous philosophy have claimed responsibility for a number of attacks, including the leak of email from Brazil’s Foreign Ministry in late May and a denial-of-service (DoS) attack on the Web site of the Military Police of São Paulo, according to security firm Radware, which is tracking the attacks.
“There are a lot of attacks going on, and they are across the spectrum,” Carl Herberger, vice president of security solutions for Radware, told eWEEK. “From sporting sites to government sites and even advertisers, this has risen above the level of nuisance attacks.”
In a number of operations, Anonymous-linked hackers have defaced some sites and made others inaccessible. In an interview published on May 30, one spokesperson for the protesters stated that activists are calling attention to the excessive spending on a sporting event in a country that continues to have problems providing basic services.
While the clamor surrounding the World Cup is fertile ground for cyber-criminals, the controversy surrounding the Brazilian government’s spending on the monthlong contest has resulted in protests across the country and support from cyber-activists.
The 2014 World Cup’s price tag reached more than $11.5 billion, nearly $3.6 billion of which was spent on stadiums, according to the Wall Street Journal. More than a million Brazilian citizens took to the streets in protest last year, and less than half now support the decision to host the World Cup.
The added drama has increased the level of attention paid to the World Cup by cyber-criminals, who regularly use popular events as a lure for phishing attacks and social engineering.
Scams range from fraudulent video players that fraudsters claim can be used to watch World Cup matches to emails that claim the recipient has won tickets to Brazil. The fraudulent email messages, for example, contain ZIP files that will install a malicious Trojan when opened, according to Symantec.
“Inside the zip file is an executable which, if executed, will allow your computer to be taken over by a remote administration tool (RAT) known as DarkComet,” the company stated in an analysis.