Nigerian authorities have arrested 11 individuals believed to be members of the business email compromise (BEC) crime ring tracked as SilverTerrier.
The 11 suspects were arrested as part of a 10-day operation (December 13-22, 2021) in which the Nigerian Police collaborated with Interpol and private security firms Palo Alto Networks and Group-IB.
The individuals are believed to be collectively involved in BEC attacks targeting more than 50,000 victims. On the laptop of one of the suspects, authorities found more than 800,000 potential victim domain credentials, Interpol says.
[ READ: Three Nigerians Arrested for Cybercrime Operation Targeting 150 Countries ]
Another suspect was observed monitoring conversations that 16 companies had with their clients and diverting funds whenever transactions were to be made, while a third is believed to have been involved in BEC attacks across West African countries such as Gambia, Ghana and Nigeria.
Also referred to as the TMT BEC gang, SilverTerrier has been active since 2014, compromising thousands of organizations worldwide and gathering numerous factions under its umbrella.
In 2019, 480 threat actors were linked to SilverTerrier attacks and the group was observed launching up to 245,637 BEC attacks per month, hitting organizations across many sectors.
A rather effective scheme, BEC fraud incurred losses of more than $1.8 billion in 2020 and of over $1.7 billion in 2019, and the SilverTerrier fraudsters are believed to be responsible for much of these losses.
The arrests were made as part of Operation Falcon II, which follows the November 2020 arrest of three Nigerian nationals believed to be SilverTerrier members. The group is estimated to have compromised “500,000 government and private sector companies by that time,” Group-IB says.
Related: Two Nigerians Sentenced to Prison in U.S. for Role in BEC Scams
Related: Nigerian Man Living in U.S. Charged Over Role in BEC Scheme
More from Ionut Arghire
- OpenAI Patches Account Takeover Vulnerabilities in ChatGPT
- New Wi-Fi Attack Allows Traffic Interception, Security Bypass
- Casino Giant Crown Resorts Investigating Ransomware Group’s Data Theft Claims
- Over 200 Organizations Targeted in Chinese Cyberespionage Campaign
- Nigerian BEC Scammer Sentenced to Prison in US
- China’s Nuclear Energy Sector Targeted in Cyberespionage Campaign
- 14 Million Records Stolen in Data Breach at Latitude Financial Services
- iOS Security Update Patches Exploited Vulnerability in Older iPhones
Latest News
- UK Introduces Mass Surveillance With Online Safety Bill
- Musk, Scientists Call for Halt to AI Race Sparked by ChatGPT
- Malware Hunters Spot Supply Chain Attack Hitting 3CX Desktop App
- LeapXpert Banks $22M Funding to Secure Corporate Messaging With Consumer Apps
- Blockchain Security Firm True I/O Raises $9 Million
- Spera Banks $10 Million to Tackle Identity and Access Sprawl
- OpenAI Patches Account Takeover Vulnerabilities in ChatGPT
- OpenSSL 1.1.1 Nears End of Life: Security Updates Only Until September 2023
