Skip to main content

Increasingly Sophisticated Nigerian Cybercriminals Take Bigger Part of $3B BEC-Related Losses

Today Unit 42 published our latest paper detailing the continued growth of Nigerian cybercrime. We have applied advanced analytics to a dataset that exceeds 30,000 malware samples over a period of three years, which has enabled us to attribute more than 300 actors or groups associated with nearly half a million attacks against Palo Alto Networks customers.

We have observed Nigerian actors using 15 separate commodity malware tools in support of modern business email compromise (BEC) schemes. In the past year alone, they have conducted an average of 17,600 attacks per month, demonstrating a 45 percent increase from 2016. These attacks span all major industry verticals and target businesses rather than individuals. These actors have learned how to successfully employ commodity malware tools to  realize lucrative returns: according to the FBI, law enforcement now estimates that the exposed losses worldwide are more than US$3 billion.

We began tracking these actors, which we named SilverTerrier, in 2014. This new SilverTerrier paper, our third, details the history of Nigerian cybercrime, the tactics being employed, and unique insights into how the threat has matured in size, scope, complexity and technical competence over the past year. Additionally, it provides a detailed look at the following:

Tools & Trends

Simple commodity information stealers remain popular with Nigerian actors, however in the last year there has been notable growth in the adoption of more complex remote administration tools, or RATs. In this paper we present the trend lines associated with all 15 commodity malware tools in order to contrast the tools that are falling out of favor with those that are gaining popularity and forecasted to remain a threat throughout the next year.

Scalable Attribution

Traditionally, attribution efforts are scoped consistent with the analytic resources that can be brought to bear against a specific data set. Given the size and complexity of this data set, we present techniques which can be applied to enable large-scale, low-resource attribution efforts. In practice these techniques have proven to be successful in identifying SilverTerrier infrastructure and proactively informing network defense postures.

Comments

Popular posts from this blog

Cloud Computing powering India’s priority of ‘Digital-first country’

By: Sunil Mahale, India MD and VP, Nutanix
Digital transformation has been recognized as being vital to the growth of our nation. This transformation has enjoyed the unanimous approval and contribution from all stake holders including enterprises, MSMEs, government bodies and citizens. But this level of adoption in a country with a population of over a billion people would need a robust technology base that is capable to collecting and distributing vital data seamlessly.
Digital India envisions creating high speed digital highways, that will impact commerce and create a digital footprint for every individual. Technologies based on mobility, analytics, Internet of things and most importantly, cloud technologies are the building blocks for the digital India missionThere is a growing need to manage huge volumes of data, and making them readily available to public through digital cloud services. Cloud has a pivotal role in enabling this change.
While Data centers have become crucial to th…

RevStart launches its RevItUp Incubation Programme

Underlining its vision of creating a nurturing ecosystem for start-ups to grow in, RevStart, a co-working and incubation centre, has announced the launch of its RevItUp Incubation Programme. The 12-week long programme will be held at RevStart Incubation Centre in Noida from July 1, 2018 onwards. As part of the programme, RevStart will select five high potential start-ups from the ed-tech sector, AI, Consumer Internet, Sustainability, as well as for-profit social impact companies to assist them with developing their business, along with connecting them to global mentors across industries and sectors. In addition, start-ups selected for the programme will receive INR 5 lakh to Rs. 25 lakhs worth of cash and benefits, while RevStart will get an equity stake in the ventures.
The RevItUp Incubation Programme has been created to enhance the founding team’s industry, product, and company building knowledge and capabilities through a world-class curriculum. The programme will focus on tailor…

Insurtech startup Kruzr raises $1.3 Million from Saama Capital and Better Capital

InsurTech startup Kruzr has raised 1.3 Million USD (Rs. 9.5 Cr) for its seed round led by Saama Capital with participation from Better Capital. Kruzr is a preventive motor insurance technology which helps insurance companies personalize policy premiums & improve their risk model by delivering an engaging preventative driving assistant to their customers. Kruzr is founded by Pallav Singh, Ayan, and Jasmeet Singh Sethi.

Kruzr blends the power of voice technology and artificial intelligence in its personal driving assistant that helps drivers minimize mobile distractions, drowsy driving, speeding and external risks like weather and accident-prone zones. In pilots with insurers, Kruzr managed to cut down distracted driving by 80%. Kruzr is working with motor insurance companies in Europe, UK and India to bring its technology to their customers to prevent accidents & improve claims.

“Road accidents cause over 1.3 million deaths globally every year, and motor insurance companies los…