Participants in the opening ceremony for the Pyeongchang Olympics on Feb. 9, 2018. Photo: Kyodo News via Getty Images

The newly discovered malware known as "Olympic Destroyer" was specifically designed to attack the Olympics, researchers have found, although the first batch of investigations haven't been able to pin point the source.

How it works: Like the name suggests, Destroyer is purely destructive. Unlike ransomware, it does not extort money, and the malware doesn't steal files. Instead, it deletes backup files on a system and tampers with files needed to boot a computer, making it impossible to boot without repair. It does not delete the main files or programs on a computer.

Why that matters: Researchers at Cisco's Talos division speculate that, without a backup, tech support would won't restore the hard drive to a state where the malware is totally wiped. The attacker can then relaunch the same attack over and over again.

  • The malware uses hard-coded network credentials for Olympic systems and any credentials it comes across, allowing it to attack other computers on the same network.
  • Changing the hard-coded credentials could then set loose another attack.
  • The attackers would have had to steal credentials before programming it into the malware.

Who's behind it: Adam Meyers, Vice President of Intelligence at Crowdstrike, notes that Fancy Bear, one of the believed Russian groups thought to be behind the Democratic National Committee breach, hacked a number of Olympic-affiliated systems in November and December. The malware was compiled in late December. That might hint at Russian involvement.

  • Possible motive: Russia feels that being all but barred from the Olympics for widespread doping is a slight against the nation. In the 2016 Olympics, when Russian athletes were banned in bulk, a lead Fancy Bear is believed to have hacked the World Anti Doping Agency.
  • Yes, but: The timeline of attacks doesn't necessarily attribute it to Russia, Meyers said.
  • Maybe China? The firm Intezer found that Olympic Destroyer shared "significant" chunks of computer code with believed Chinese-affiliated espionage groups. That does not mean China is behind the attack so much as someone using Chinese computer code is behind the attack. But Intezer, which operates a code analysis system similar to automated plagiarism detection websites, has not found any other code that matches.

Go deeper

Updated 13 mins ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Politics: Ex-FDA chief: Pence campaigning after COVID exposure puts others at risk — Mark Meadows: "We are not going to control the pandemic"
  2. Health: 13 states set single-day coronavirus case records last week — U.S. reports over 80,000 new cases for second consecutive day.
  3. World: Australian city Melbourne to exit one of world's longest lockdowns — In photos: Coronavirus restrictions grow across Europe
  4. Media: Fox News president and several hosts advised to quarantine after possible COVID-19 exposure
  5. Nonprofit: Rockefeller Foundation commits $1 billion for COVID-19 recovery
Updated 17 mins ago - World

In photos: Coronavirus restrictions grow across Europe

A skeleton is placed at a restaurant table in Rome to protest Italy's restrictions that'll see gyms, movie theaters and pools close and bars and restaurants required to shut by 6 p.m. until at least Nov. 24. Photo: Antonio Masiello/Getty Images

Restrictions are returning across much of Europe as the continent faces a second coronavirus wave.

The big picture: Spain and France each surpassed 1 million cases last week, and both countries have implemented further restrictions on citizens. Italian officials announced strict new measures, effective Monday, to combat another cases spike. From Denmark to Romania, take a look at what steps countries have been taking, in photos.

Updated 1 hour ago - Science

Tropical Storm Zeta may strengthen into hurricane before reaching U.S.

The U.S. Gulf Coast and Mexico are bracing for another possible hurricane after Tropical Storm Zeta formed in the Caribbean Sea Sunday.

Of note: Zeta is the 27th named storm of the 2020 Atlantic Hurricane season — equaling a record set in 2005.