Posted By: ITWiser Webmaster - Yorkshire's IT Specialists
Posted By: IT Wiser
Nigerian 419 Scammers Turn to Advanced Malware to Target Businesses
Back in the day, when cybercrime was just beginning to gather momentum, 419 attacks were a big deal. You know the ones … where a poorly written email landed in your inbox from a wealthy individual seeking to reward you handsomely for helping to export their wealth out of their native Nigeria. Should the victim hand over bank details in order to help, the fraudsters would instead raid the account and never been seen again. Thanks to Cloud Web Security and a widespread knowledge of the scam, the 419ers became a bit of a joke. However, they are nothing if not persistent, turning to new methods in order to fleece the unsuspecting.
According to a report from Palo Alto Networks, Nigeria’s cybercriminals are evolving from common malware phishing campaigns to advanced tools used by some of the world’s more successful hackers. And their primary target focus has shifted too – from individuals to businesses.
Dubbed ‘Silver Spaniel’ by researchers, the attacks began, as so many do, with a malicious email attachment which when clicked on installs malware onto a computer, jeopardising security and sensitive data. Programmes used to carry out the attacks include remote administration tools (RATs) NetWire and DarkComet, which allow attackers to take over Windows, Mac and Linux operating systems, and DataScrambler, which is used to repackage NetWire in an attempt to avoid antivirus detection.
The report warns that these readily available and inexpensive tools can be ‘deployed by any individual with a laptop and an e-mail address’.
Experts in Social Engineering, Amateurs in Malware
Palo Alto Networks said that the attackers represent a growing threat to businesses that have not previously been targeted; however, their expertise in malware leaves a lot to be desired.
“The actors don't show a high level of technical acumen,” said Ryan Olson, intelligence director at Palo Alto Networks, adding that scammers showed “remarkably poor operational security”.
The report also detailed the move from ‘wealthy individual’ to the Silver Spaniel of hapless Ojie Victor, who was found posting on forums and social networks. Clearly confused by the more advanced tools, Victor was found tweeting “I NEED A SPOOFER FOR MY CYBERGATE RAT... CAN SOMEBODY HELP ME OUT HERE? firstname.lastname@example.org.”
While their attempts at scamming businesses are amateurish to say the least, the determination of the Silver Spaniel actors should not be overlooked. Fortunately, like the 419 social engineering campaigns, Cloud Web Security has all the tools and features to keep you safe.