World Cup Malware, Scams Highlighted by Trend Micro

Trend Micro researchers suggested using security software that can detect malicious links and to take care when being tempted by unknown websites.

world cup and web security

Brazil, host country of this year’s World Cup, has been dealing with a slew of negative publicity thanks to fears of violence, skepticism over infrastructure capacity and the safety of tourists—now security firm Trend Micro is drawing attention to malicious World Cup-related malware in search results.

In a series of blog posts, the company identified security issues, including a file they uncovered named Jsc Sport Live + Brazil World Cup 2014 HD.rar., which contains the file Brazil World Cup Streaming 2014.exe.

The post explained that this file is a backdoor identified as BKDR_BLADABIN.AB, which executes commands from a remote malicious user, effectively compromising the affected system. It can also capture screenshots, which can be used to obtain sensitive information.

Trend Micro researchers suggested using security software that can detect malicious links and to take care when being tempted by unknown Websites promoting World Cup content.

"We also would like to remind users not to visit scam sites like these, and remember that only FIFA is authorized to sell tickets for the World Cup games," one of the posts cautioned.

The company’s threat researchers discovered that the World Cup is being used as a lure to sell fake tickets, with some prices almost 4,000 percent higher than the official price on FIFA’s Website.

As an example, for the site meant for visitors from Brazil, would-be fans could buy a ticket for the final game for nearly $4,000. In the blog post, Trend Micro also reported that one person had bought three tickets for the Portugal versus Germany match from this site, but hadn’t received any tickets yet.

"As the 2014 FIFA World Cup Brazil draws near, we are seeing more threats using the event as bait. We recently talked about cyber-criminals in Brazil taking advantage of the event to spread malware, but we’ve found that the threats have gone beyond that," Fernando Mercês, a senior threat researcher for Trend Micro, wrote.

There appears to be a revolving door of online threats—while Trend Micro had discovered a Website that tricks users into providing information, including their credit card credentials, the page had recently been taken down.

In addition, phishing emails have used a supposed "FIFA World Cup 2014 Promotional Draw" to convince users to share personal information.

"Constant vigilance remains as the biggest shield one can use as defense to such social engineering schemes. From timely spammed messages to suspicious social media posts, cyber-criminals know how to bait you into becoming a victim," Leo Balante, technical communications for Trend Micro, wrote in a post. "Think and verify before you click on the next link that appears on your mail."