Eleven Arrested in Bust of Prolific Nigerian BEC Gang
Nigerian police have arrested 11 more suspected members of a prolific business email compromise (BEC) gang that may have targeted hundreds of thousands of organizations.
Interpol coordinated Operation Falcon II with the Nigerian Police Force (NPF) over 10 days in December 2021, having sought input from other police forces across the globe investigating BEC attacks via its I-24/7 communications network.
Those arrested are thought to be part of the SilverTerrier (aka TMT) group. One individual had the domain credentials of 800,000 potential victims on his laptop, while another was monitoring online conversations between 16 companies and their clients and diverting funds to TMT, Interpol claimed.
A third is suspected of BEC attacks across West Africa, including Nigeria, Gambia and Ghana.
Any intelligence and evidence gleaned from the operation will be fed into Interpol’s Global Financial Crime Taskforce (IGFCTF) to help prevent further fraud.
“Operation Falcon II sends a clear message that cybercrime will have serious repercussions for those involved in business email compromise fraud, particularly as we continue our onslaught against the threat actors, identifying and analyzing every cyber trace they leave,” said Interpol director of cybercrime, Craig Jones.
“Interpol is closing ranks on gangs like SilverTerrier. As investigations continue to unfold, we are building a very clear picture of how such groups function and corrupt for financial gain. Thanks to Operation Falcon II we know where and whom to target next.”
The first iteration of this anti-BEC campaign was run in 2020 and resulted in the arrest of three TMT suspects. The gang was thought to have compromised as many as 500,000 victim organizations by that time, according to Group-IB, which was involved in both operations.
“Group-IB’s APAC Cyber Investigations Team has contributed to the current operation by sharing information on the threat actors, having identified the attackers’ infrastructure, collected their digital traces and assembled data on their identities,” it explained in a statement.
“Group-IB has also expanded the investigation’s evidence base by reverse-engineering the samples of malware used by the cyber-criminals and conducting the digital forensics analysis of the files contained on the devices seized from the suspects.”