Fake streaming sites were the biggest threat of the Tokyo Olympics

News
By published

Fake Olympic streams were used to spread malware and adware

piracy
(Image credit: Shutterstock / gonin)

Although the FBI warned that cybercriminals would target the Olympic Games this summer, new research from Zscaler has revealed that fake streaming services were actually the biggest threat of the Tokyo Olympics.

Since the Rio Olympics back in 2016, streaming sporting events online has increased significantly and this was also the case during the recent Summer Olympics in Tokyo.

During this year's games, Zscaler's ThreatLabz observed multiple instances of suspicious streaming services that weren't associated with any of the official Olympic streaming providers. Instead these websites claimed to provide free access to watch the games online before requesting payment credentials from customers.

After users registered for access to these illegitimate streaming sites, they were directed to a fake payment portal that was used to harvest their credit card numbers and other payment information.

Adware and the return of OlympicDestroyer

Zscaler also observed Olympic-themed adware activity during the Tokyo Olympics that claimed to offer free streaming services. However, users were instead redirected to unrelated sites for online gambling, auto trading and other topics.

According to a new blog post from Zscaler, it also saw cases where users were redirected to install adware in the form of browser extensions and fake software updaters. One example is the YourStreamSearch browser extension which is a known browser hijacker that recommends ads based on a user's search history.

The sophisticated malware OlympicDestroyer, which first appeared online during the 2018 Winter Olympics in Pyeongchang, South Korea, was also observed in the wild this summer as cybercriminals brought it back for the latest Olympic Games. At its core, OlympicDestoryer is a worm that spreads using Windows network shares and drops multiple files onto a victim's machine that try to steal their browser and system credentials.

To avoid falling victim to these and other scams related to online streaming, Zscaler recommends that users update their VPN services and devices, enable two-factor authentication (2FA), verify the source of emails, avoid unofficial app stores and backup their most important documents and media files.

TOPICS
Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Read more
Representational image of a cybercriminal
Criminals are spreading malware disguised as DeepSeek AI
A padlock resting on a keyboard.
Understanding and avoiding malvertizing attacks
Robotic hand clicking on captcha 'I am not a robot'.
Fake CAPTCHAs are being used to spread malware - and we only have ourselves to blame
botnet
YouTubers targeted by blackmail campaign to promote malware on their channels
Flags of Iran, China, Russia and North Korea on a wall. China North Korea Iran Russia alliance
Cybercrime is helping fund rogue nations across the world - and it's only going to get worse, Google warns
Illustration of a thief escaping with a white fingerprint
5 massive privacy scandals that rocked the world – and made millions of victims
Latest in Security
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple routers hit by new critical severity remote command injection vulnerability, with no fix in sight
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Latest in News
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
An aerial view of an Instavolt Superhub for charging electric vehicles
Forget gas stations – EV charging Superhubs are using solar power to solve the most annoying thing about electric motoring
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
More about security
cybersecurity

Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak

A major Keenetic router data leak could put a million households at risk
Student with headphones around her neck using a phone while sitting in a cafe in front of a laptop

One of the richest men in the world castigates the billions of dollars spent on buying laptops for US classrooms with no apparent improvements
See more latest
Most Popular
Student with headphones around her neck using a phone while sitting in a cafe in front of a laptop
One of the richest men in the world castigates the billions of dollars spent on buying laptops for US classrooms with no apparent improvements
An aerial view of an Instavolt Superhub for charging electric vehicles
Forget gas stations – EV charging Superhubs are using solar power to solve the most annoying thing about electric motoring
Tesla Model Y 2025
Tesla’s EU sales are in freefall as VW races ahead, but the Model Y could change all that
Asus NUC 15 Pro+
Asus unveils its most powerful mini PC to date — but I don't think the Intel-powered NUC 15 Pro+ will compete with Strix Halo models
HDD
Seagate teams with Nvidia to build an NVMe hard drive proof of concept, more than 3 years after its last effort
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora