Russian "Fancy Bear" hackers prowl sports anti

Microsoft says its Threat Intelligence Centre has tracked "significant cyber attacks" by the Advanced Persistent Threat 28 hacking group, targeting sports and anti-doping agencies ahead of the 2020 Tokyo Summer Olympics.

Beginning in September this year, APT 28 which is also known as Fancy Bear and Strontium, attacked 16 national and international sports and anti-doping organisations in three continents, Microsoft said.

While most of the attacks were unsuccessful, the hackers succeeded in some cases, although Microsoft provided no further details on this.

Microsoft said the attacks started just before the World Anti-Doping Agency (WADA) said it had considered banning Russia from taking part and hosting all major sports events. That move came Russia deleted data on athletes being tested for performance-enhancing drugs.

The data from Russia's Moscow laboratory was provided to WADA in January this year, as part of the country being allowed back into international sports following a three-year suspension due to a state-sponsored doping program.

Spear-phishing, password spraying, exploiting internet-connected devices along with open source and custom malware are some of the known hacking tradecraft employed by APT 28.

The hacking group has been linked to Russia's military intelligence service GRU.

It was accused by WADA of a network intrusion in 2016 that saw a database with confidential medical information on Rio Olympics athletes being dumped on the internet.

Branded a "threat to democracy" by Microsoft, APT 28 has also targeted governments, armed forces, think tanks, law firms, financial companies and human rights organisations, as well as universitites around the world.

The hackers also use scores of fake Microsoft domains for attacks, forcing the company to take legal action to shutter them.