InfoSecBulletin Cybersecurity for mankind
Proofpoint found a fake website selling tickets for the Paris 2024 Summer Olympic Games. The website, “paris24tickets[.]com,” claimed to be a secondary marketplace for sports and live event tickets.
It appeared as the second sponsored search result on Google, right after the official website, when searching for “Paris 2024 tickets” and similar terms. Proofpoint confirmed with official sources in France that the website was fraudulent. proofpoint’s Takedown Team promptly worked with the domain registrar to suspend the website.
Hackers Exploits RCE flaw in Cisco Small Business Router
CISA Alerts For Active Exploited Zimbra and Microsoft flaw
200 Fake GitHub Repos Attacking Developers to Deliver Malware
Renew Dubai visa within minutes with AI-powered Salama
CVE-2024-20953
CISA Flags Oracle Agile PLM Actively Exploited Security Flaw
Stablecoin Bank Hacked – Hackers Stolen $49.5M
CVE-2025-20029
PoC Exploit Released for F5 BIG-IP Command Injection Vuln
By 1 April 2025
Australia Bans Kaspersky on its govt systems and devices
CISA Flags Craft CMS Code Injection Flaw Amid Active Attacks
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
According to the French Gendarmerie Nationale, they have found 338 fraudulent Olympics ticketing websites. Of these, 51 have been shut down and 140 have received formal notices from law enforcement.
The Proofpoint researchers found a website with a homepage that listed several Olympic events. If users clicked on a sport icon, they would be directed to a ticketing page where they could select tickets and make payments. The site also seemed to offer the option to create accounts for buying and selling tickets.
The website design looked like other popular ticketing sites, which made visitors feel that the site was trustworthy.
The people running this website may have tried to steal money from those buying or selling Olympic tickets. They might have also taken personal information such as names, contact details, and credit card information from ticket buyers.
The domain was mainly spread through ads in search results. Although it was not widely seen in email campaigns, it was found in a few emails. The sender of these emails pretended to offer “discounts” on tickets that might interest the recipient. Researchers cannot confirm how the sender got the emails, but it’s possible that users provided their email address when signing up or trying to buy tickets on the website.
