Nigerian Banks, Others Suffer Wave of Malware Attacks – Symantec

Since mid-2017, cybercriminals have been targeting financial institutions in a number of West African countries using a variety of commodity malware programs and living off the land tools (i.e., tools already installed on targeted computers, or simple scripts and shellcode run directly in memory).

To date, organizations in Cameroon, Democratic Republic of the Congo, Ghana, Equatorial Guinea and Ivory Coast have been “hit by a wave of attacks,” according to a blog posted by cybersecurity firm Symantec.

Parties behind the attacks have not been identified; Symantec said they could be the work of just one group or several groups using similar tactics. The latest occurred in mid-December, the company said.

Symantec has detected four types of attack, which are detailed in the blog. All attack types were discovered through alerts generated by Symantec Targeted Attack Analytics, a program that uses artificial intelligence to spot data patterns associated with targeted attacks.

According to the blog: “A growing number of attackers in recent years are adopting ‘living off the land’ tactics — namely the use of operating system features or network administration tools to compromise victims’ networks. By exploiting these tools, attackers hope to hide in plain sight, since most activity involving these tools is legitimate.

“However, in each case, a TAA alert was triggered by the attackers maliciously using a legitimate tool. In short, the attackers’ use of living off the land tactics led to the discovery of their attacks.”
