S0365Windows

S0365Olympic Destroyer

Platforms
1
ATT&CK
14.1
References
3

Description

[Olympic Destroyer](https://attack.mitre.org/software/S0365) is malware that was used by [Sandworm Team](https://attack.mitre.org/groups/G0034) against the 2018 Winter Olympics, held in Pyeongchang, South Korea. The main purpose of the malware was to render infected computer systems inoperable. The malware leverages various native Windows utilities and API calls to carry out its destructive tasks. [Olympic Destroyer](https://attack.mitre.org/software/S0365) has worm-like features to spread itself across a computer network in order to maximize its destructive impact.(Citation: Talos Olympic Destroyer 2018)(Citation: US District Court Indictment GRU Unit 74455 October 2020)

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
GroupSandworm Teamg0034100%live

References

  1. https://attack.mitre.org/software/S0365
  2. https://blog.talosintelligence.com/2018/02/olympic-destroyer.html
  3. https://www.justice.gov/opa/press-release/file/1328521/download

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Group
Sandworm Team
Software
NotPetya
Software
RunningRAT
Software
OceanSalt
Software
Gold Dragon
Software
Industroyer
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.