Nigerian police have arrested three suspects in Lagos believed to be members of a major organised crime group responsible for phishing and malware campaigns, and business email compromise (BEC) scams, following a joint investigation with Interpol and cyber security company Group-IB.
The gang allegedly developed phishing links, domains and mass mailing campaigns in which they posed as members of various legitimate organisations with lures including purchase orders, product enquiries, and Covid-19 assistance. Their victims were compromised with a wide variety of malware, remote access trojans (RATs) and spyware, among them AgentTesla, Loki, Azorult, Spartan, NanoCore and Remcos, which were used to launch further scams and siphon funds.
Interpol cyber crime director Craig Jones said: “This group was running a well-established criminal business model. From infiltration to cashing in, they used a multitude of tools and techniques to generate maximum profits. We look forward to seeing additional results from this operation.”
The year-long investigation – dubbed Operation Falcon – took place under the auspices of Project Gateway, a framework initiative run by Interpol to gather threat intelligence from the private sector.
During the course of the probe, Interpol’s Cybercrime and Financial Crime unit worked alongside Group-IB to identify and locate the suspects, and eventually assist the Nigeria Police Force, via its National Central Bureau in the nation’s capital, Abuja, in taking them into custody.
“This cross-border operation once again demonstrated that only effective collaboration between private sector cyber security companies and international law enforcement can bring evildoers to justice,” added Group-IB’s APAC cyber investigations team head, Vesta Mateeva.


“It allows us to overcome regulatory differences across countries that impede threat intelligence data exchange. While further investigation is underway, we are proud of what we’ve been able to achieve thanks to coordinated efforts by Interpol with the support of Nigerian cyber police,” she said.
Group-IB said the men may have successfully compromised both public and private sector companies in over 150 countries in the space of just three years. It has identified 500,000 targeted victims to date, located in Japan, Nigeria, Singapore, the UK and the US.
The investigation also established that the gang, which Group-IB refers to as TMT, was divided into a number of different subgroups, and as a result a number of individuals are thought to still be at large.
The firm said that the gang’s monetisation efforts were still being investigated, but cautioned that it was not uncommon for cyber criminals to sell account access, alongside any sensitive data they may have been able to exfiltrate from their victims, on underground dark web forums.