
Nigerian Cybercriminals Target Firms Worldwide in BEC Campaign

Researchers at Trend Micro have been monitoring a business email compromise (BEC) campaign aimed at companies from all around the world.

The campaign, which experts have dubbed Olympic Vision after a piece of malware used by the attackers, is believed to be run by two Nigerian cybercriminals: one located in Lagos, Nigeria’s largest city, and one in Kuala Lumpur, the capital of Malaysia.

According to the security firm, the cybercriminals target organizations in sectors such as manufacturing, real estate and construction from the Asia Pacific region (38 percent), Europe and the Middle East (38 percent), and North America (22 percent). The list of targeted countries includes Canada, the United States, China, Indonesia, Malaysia, Thailand, Germany, the Netherlands, Slovakia, Spain, the United Kingdom, Iran, Iraq, Qatar, Saudi Arabia, UAE, and the African country Zimbabwe.

In BEC attacks, cybercriminals compromise the targeted organization’s business email accounts, particularly those of executives and employees in charge of wire transfers. This access is used to obtain information and manipulate employees into transferring large amounts of money to bank accounts controlled by the fraudsters.

In the campaign observed by Trend Micro, the attackers sent urgent-sounding emails in an attempt to trick potential victims into installing a piece of malware dubbed Olympic Vision. The threat, whose toolkit can be acquired for only $25, allows attackers to steal various types of information from the infected device, including saved credentials from browsers and email clients, Windows product keys, keystrokes, network information, screenshots, and images and text from the clipboard.

Such information helps the cybercrooks hijack email accounts and increase the efficiency of their social engineering schemes when they attempt to trick victims into wiring money.

Trend Micro says it has uncovered the identities of the two Nigerian suspects and has been working with law enforcement to crack down on their activities.

BEC scams are increasingly common and the FBI issued a warning last year to inform companies about the threat. According to the agency, more than 7,000 companies in the United States had been affected by such scams since 2013, totaling losses of more than $740,000.

One recent example of a successful BEC attack involves aircraft parts manufacturer FACC AG, which lost roughly $54 million after cybercriminals targeted its accounting department.

A study conducted recently by email services provider Mimecast showed that while 64 percent of IT security professionals view email as a major threat to their business, 65 percent don’t feel properly equipped to handle potential attacks. In fact, one third of the 600 experts who took part in the survey said their email was more vulnerable than it had been five years ago.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
