Monday, May 20, 2024

Interpol Busted 11 Members of Nigerian BEC Cybercrime Gang

A coordinated law enforcement operation has resulted in the arrest of 11 members allegedly belonging to a Nigerian cybercrime gang notorious for perpetrating business email compromise (BEC) attacks targeting more than 50,000 victims in recent years.

The disruption of the BEC network is the result of a ten-day investigation dubbed Operation Falcon II undertaken by the Interpol along with participation from the Nigeria Police Force’s Cybercrime Police Unit in December 2021.

Cybersecurity firms Group-IB and Palo Alto Networks’ Unit 42, both of which shared information on the threat actors and their infrastructure, said six of the 11 suspects are believed to be a part of a prolific group of Nigerian cyber actors known as SilverTerrier (aka TMT).

BEC attacks, which began to gain dominance in 2013, are sophisticated scams that target legitimate business email accounts through social engineering schemes to infiltrate corporate networks and subsequently leverage their access to initiate or redirect the transfer of business funds to attacker-controlled bank accounts for personal gain.

“One of the arrested suspects was in possession of more than 800,000 potential victim domain credentials on his laptop,” Interpol said in a statement. “Another suspect had been monitoring conversations between 16 companies and their clients and diverting funds to ‘SilverTerrier’ whenever company transactions were about to be made.”

SilverTerrier has been linked to 540 distinct clusters of activity to date, with the collective increasingly adopting remote access trojans and malware packaged as Microsoft Office documents to mount their attacks. Unit 42, in a report published in October 2021, said it identified over 170,700 samples of malware directly attributed to Nigerian BEC actors since 2014.

Recommended:  DHL named most-spoofed brand in phishing

The latest arrests constitute the second edition of Operation Falcon, the first of which resulted in the apprehension of three alleged members of the SilverTerrier gang in November 2020 for compromising at least 500,000 government and private sector companies in more than 150 countries since 2017.

“BEC remains the most common and most costly threat facing our customers,” Unit 42 researchers said. “Over half a decade, global losses have ballooned from $360 million in 2016 to a staggering $1.8 billion in 2020.”

To mitigate such financial attacks, it’s recommended for organizations to review network security policies, periodically audit mail server configurations, employee mail settings, and conduct employee training to ensure that wire transfer requests are validated using “verified and established points of contact for suppliers, vendors and partners.”


Go to Homepage

Go to Cybersecurity Academy

You may also enjoy reading, Red Cross hit by a Sophisticated Cyber Attack leading to Databreach

Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for RiSec Weekly Cybersecurity Newsletter Today

ClosePlease login
Share the word, let's increase Cybersecurity Awareness as we know it
- Sponsored -

Sponsored Offer

Unleash the Power of the Cloud: Grab $200 Credit for 60 Days on DigitalOcean!

Digital ocean free 200

Discover more infosec

User Avatar
Steven Black (n0tst3)
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK. I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated... I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK. I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

more infosec reads

Subscribe for weekly updates