Olympic Tickets 2020
| Primary URL | Location | Industry | olympictickets2020[.]com |
Country
United States of America
|
Commercial
|
|---|
Profile
Olympic Tickets 2020, also known by its alias, operates as a ticket reseller specializing in major sporting events. The organisation is headquartered in the United States of America. Its primary service involves facilitating the purchase and sale of tickets for high-profile competitions such as the Olympics and other international tournaments. This focus places it within the secondary ticket market, serving consumers seeking access to sold-out or high-demand events.
On December 3, 2019, security researchers reported that the organisation’s websites were compromised by a MageCart group. The attackers injected malicious code into a legitimate JavaScript library named Slippry that was used on the ticket reseller’s sites. The injected skimmer was designed to activate when users entered payment-related keywords during the checkout process. Once activated, the script captured payment card details and transmitted them to a domain controlled by the attackers. Analysis indicated that the malicious script remained undetected for approximately fifty days on one of the organisation’s sites and for about two weeks on another. The discovery was made through code analysis that revealed the anomalous behavior within the Slippry library.
Researchers identified a second infected site operated by the same entity by examining shared infrastructure and ownership details. This correlation suggested that both websites were under common control and likely maintained by the same technical team. The shared infrastructure included hosting providers, domain registration information, and possibly common development frameworks. Such overlap allowed analysts to confidently attribute both compromises to the Olympic Tickets 2020 operation.
Upon discovering the skimmer, the researchers contacted the organisation through multiple channels, including email, social media platforms, and live chat support. Initially, the operator dismissed the findings, questioning the validity of the reports. After continued communication and presentation of evidence, the organisation acknowledged the issue. Subsequently, the malicious script was removed from the affected websites, terminating the data exfiltration. The timeline of removal followed the period during which the skimmer had been active, though the exact date of cleanup is not specified in the source.
Customers who completed transactions on the compromised sites while the skimmer was active likely had their payment card information stolen. The stolen data could be used for fraudulent purchases or sold on underground markets. The incident highlights the risks associated with third‑party JavaScript libraries in e‑commerce environments. It also underscores the importance of timely response to security disclosures, even when initial reactions are skeptical. Olympic Tickets 2020’s case serves as a reminder for ticket resellers and online retailers to monitor code integrity and implement robust detection mechanisms.
