Participants in the opening ceremony for the Pyeongchang Olympics on Feb. 9, 2018. Photo: Kyodo News via Getty Images

The newly discovered malware known as "Olympic Destroyer" was specifically designed to attack the Olympics, researchers have found, although the first batch of investigations haven't been able to pin point the source.

How it works: Like the name suggests, Destroyer is purely destructive. Unlike ransomware, it does not extort money, and the malware doesn't steal files. Instead, it deletes backup files on a system and tampers with files needed to boot a computer, making it impossible to boot without repair. It does not delete the main files or programs on a computer.

Why that matters: Researchers at Cisco's Talos division speculate that, without a backup, tech support would won't restore the hard drive to a state where the malware is totally wiped. The attacker can then relaunch the same attack over and over again.

  • The malware uses hard-coded network credentials for Olympic systems and any credentials it comes across, allowing it to attack other computers on the same network.
  • Changing the hard-coded credentials could then set loose another attack.
  • The attackers would have had to steal credentials before programming it into the malware.

Who's behind it: Adam Meyers, Vice President of Intelligence at Crowdstrike, notes that Fancy Bear, one of the believed Russian groups thought to be behind the Democratic National Committee breach, hacked a number of Olympic-affiliated systems in November and December. The malware was compiled in late December. That might hint at Russian involvement.

  • Possible motive: Russia feels that being all but barred from the Olympics for widespread doping is a slight against the nation. In the 2016 Olympics, when Russian athletes were banned in bulk, a lead Fancy Bear is believed to have hacked the World Anti Doping Agency.
  • Yes, but: The timeline of attacks doesn't necessarily attribute it to Russia, Meyers said.
  • Maybe China? The firm Intezer found that Olympic Destroyer shared "significant" chunks of computer code with believed Chinese-affiliated espionage groups. That does not mean China is behind the attack so much as someone using Chinese computer code is behind the attack. But Intezer, which operates a code analysis system similar to automated plagiarism detection websites, has not found any other code that matches.

Go deeper

Updated 2 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 3 a.m. ET: 19,648,084 — Total deaths: 727,024 — Total recoveries — 11,941,723Map.
  2. U.S.: Total confirmed cases as of 3 a.m. ET: 4,998,105 — Total deaths: 162,425 — Total recoveries: 1,643,118 — Total tests: 61,080,587Map.
  3. Politics: Trump signs 4 executive actions on coronavirus aid — Democrats, and some Republicans, criticize the move
  4. Public health: Fauci says chances are "not great" that COVID-19 vaccine will be 98% effective — 1 in 3 Americans would decline COVID-19 vaccine.
  5. Science: Indoor air is the next coronavirus frontline.
  6. Schools: How back-to-school is playing out in the South as coronavirus rages on — Princeton, Johns Hopkins, Howard to hold fall classes online.
Updated 3 hours ago - World

Brazil coronavirus death toll tops 100,000 and case numbers surpass 3 million

Brazilian President Jair Bolsonaro posted a photo of himself to Facebook congratulating his soccer team, Palmeiras, for winning the state title Saturday, moments after the health ministry confirmed the national COVID-19 death toll had surpassed 100,000.

Why it matters: Brazil is only the second country to confirm more than 100,000 deaths from the coronavirus. On Sunday morning, it became the second country to surpass 3 million cases, per Johns Hopkins. Only the U.S. has reported more. Bolsonaro has yet to address the milestones. He has previously tested positive for COVID-19 three times, but he's downplayed the impact of the virus, which has crippled Brazil's economy.

Editor's note: This article has been updated with the latest coronavirus case numbers and more context.

Updated 6 hours ago - Politics & Policy

Republicans and Democrats react to Trump's coronavirus aid action

President Trump speaks to workers at a manufacturing facility in Clyde, Ohio, on Thursday. Photo: Scott Olson/Getty Images

Some Republicans joined Democrats in criticizing President Trump Saturday night for taking executive action on coronavirus aid, with Democratic leaders demanding the GOP return to negotiations after stimulus package talks broke down a day earlier.

Why it matters: Trump could face legal challenges on his ability to act without congressional approval, where the constitutional power lies on federal spending. Sen. Ben Sasse (R-Neb.) was the most vocal Republican critic, saying in a statement: "The pen-and-phone theory of executive lawmaking is unconstitutional slop."