Security Experts:

Connect with us

Hi, what are you looking for?



Nigerian Cybercriminals Target Firms Worldwide in BEC Campaign

Researchers at Trend Micro have been monitoring a business email compromise (BEC) campaign aimed at companies from all around the world.

Researchers at Trend Micro have been monitoring a business email compromise (BEC) campaign aimed at companies from all around the world.

The campaign, dubbed by experts Olympic Vision based on a piece of malware used by the attackers, is believed to be run by two Nigerian cybercriminals — one located in Lagos, Nigeria’s largest city, and one in Kuala Lumpur, the capital of Malaysia.

According to the security firm, the cybercriminals target organizations in sectors such as manufacturing, real estate and construction from the Asia Pacific region (38 percent), Europe and the Middle East (38 percent), and North America (22 percent). The list of targeted countries includes Canada, the United States, China, Indonesia, Malaysia, Thailand, Germany, the Netherlands, Slovakia, Spain, the United Kingdom, Iran, Iraq, Qatar, Saudi Arabia, UAE, and the African country Zimbabwe.

In BEC attacks, cybercriminals compromise the targeted organization’s business email accounts, particularly ones of executives and employees in charge of wire transfers. This access is used to obtain information and manipulate employees into transferring large amounts of money to bank accounts controlled by the fraudsters.

In the campaign observed by Trend Micro, the attackers sent urgent-sounding emails in an attempt to trick potential victims into installing a piece of malware dubbed Olympic Vision. The threat, whose toolkit can be acquired for only $25, allows attackers to steal various types of information from the infected device, including saved credentials from browsers and email clients, Windows product keys, keystrokes, network information, screenshots, and images and text from the clipboard.

Such information helps the cybercrooks hijack email accounts and increase the efficiency of their social engineering schemes when they attempt to trick victims into wiring money.

Trend Micro says it has uncovered the identities of the two Nigerian suspects and has been working with law enforcement to crack down on their activities.

BEC scams are increasingly common and the FBI issued a warning last year to inform companies about the threat. According to the agency, more than 7,000 companies in the United States had been affected by such scams since 2013, totaling losses of more than $740,000.

One recent example of a successful BEC attack involves aircraft parts manufacturer FACC AG, which lost roughly $54 million after cybercriminals targeted its accounting department.

A study conducted recently by email services provider Mimecast showed that while 64 percent of IT security professionals view email as a major threat to their business, 65 percent don’t feel properly equipped to handle potential attacks. In fact, one third of the 600 experts who took part in the survey said their email had been more vulnerable compared to five years ago.

Related: Seagate Employee Tax Forms Stolen in Phishing Attack

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.


A high-severity format string vulnerability in F5 BIG-IP can be exploited to cause a DoS condition and potentially execute arbitrary code.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.