Key facts
- KELA Research discovered over 4,300 fraudulent domains targeting the 2026 FIFA World Cup.
- More than 1.5 million compromised accounts were found to be targeting the tournament.
- The report indicated the alleged sale of internal server access.
- The compromised infrastructure is linked to the tournament's North American digital operations.
KELA Research has uncovered a significant cyber threat campaign targeting the 2026 FIFA World Cup. The investigation revealed the existence of over 4,300 fraudulent domains specifically set up to exploit the tournament. Furthermore, the report highlighted that more than 1.5 million accounts have been compromised, with malicious actors potentially using them for fraudulent activities related to the event. Adding to the concerns, KELA's findings also point to the alleged sale of access to internal servers, which could compromise the digital infrastructure supporting the tournament, particularly in North America.