Researchers at Trend Micro have been monitoring a business email compromise (BEC) campaign aimed at companies from all around the world.
The campaign, dubbed by experts Olympic Vision based on a piece of malware used by the attackers, is believed to be run by two Nigerian cybercriminals — one located in Lagos, Nigeria’s largest city, and one in Kuala Lumpur, the capital of Malaysia.
According to the security firm, the cybercriminals target organizations in sectors such as manufacturing, real estate and construction from the Asia Pacific region (38 percent), Europe and the Middle East (38 percent), and North America (22 percent). The list of targeted countries includes Canada, the United States, China, Indonesia, Malaysia, Thailand, Germany, the Netherlands, Slovakia, Spain, the United Kingdom, Iran, Iraq, Qatar, Saudi Arabia, UAE, and the African country Zimbabwe.
In BEC attacks, cybercriminals compromise the targeted organization’s business email accounts, particularly ones of executives and employees in charge of wire transfers. This access is used to obtain information and manipulate employees into transferring large amounts of money to bank accounts controlled by the fraudsters.
In the campaign observed by Trend Micro, the attackers sent urgent-sounding emails in an attempt to trick potential victims into installing a piece of malware dubbed Olympic Vision. The threat, whose toolkit can be acquired for only $25, allows attackers to steal various types of information from the infected device, including saved credentials from browsers and email clients, Windows product keys, keystrokes, network information, screenshots, and images and text from the clipboard.
Such information helps the cybercrooks hijack email accounts and increase the efficiency of their social engineering schemes when they attempt to trick victims into wiring money.
Trend Micro says it has uncovered the identities of the two Nigerian suspects and has been working with law enforcement to crack down on their activities.
BEC scams are increasingly common and the FBI issued a warning last year to inform companies about the threat. According to the agency, more than 7,000 companies in the United States had been affected by such scams since 2013, totaling losses of more than $740,000.
One recent example of a successful BEC attack involves aircraft parts manufacturer FACC AG, which lost roughly $54 million after cybercriminals targeted its accounting department.
A study conducted recently by email services provider Mimecast showed that while 64 percent of IT security professionals view email as a major threat to their business, 65 percent don’t feel properly equipped to handle potential attacks. In fact, one third of the 600 experts who took part in the survey said their email had been more vulnerable compared to five years ago.