World Video | Defence | Foreign Affairs | Natural Events | Trade | NZ in World News | NZ National News Video | NZ Regional News | Search

 

West African Financial Institutions Hit by Cyber Attacks

Symantec Threat Intelligence: West African Financial Institutions Hit by Wave of Attacks

Symantec researchers have uncovered attacks on banks and other financial institutions in several West African countries by cyber criminals employing a range of commodity malware – readily available in the cyber underground – and living off the land tools that allow them to hide in a sea of legitimate processes. Until now, Symantec has seen relatively little evidence of these kinds of attacks against the financial sector in West Africa, but it now appears there is at least one group (and quite possibly more groups) actively targeting banks in the region.

The attacks have been underway since mid-2017 and have affected organisations in Cameroon, The Democratic Republic of the Congo, Ghana, Equatorial Guinea, and Ivory Coast. It is unknown who is behind these attacks which could be the work of a single group or, more likely, several different groups employing similar tactics to potentially perform financial fraud, steal network credentials and/or create remote access capability.




Figure 1: Countries where financial institutions have been attacked

Symantec observed distinct attack campaigns directed against financial targets in Africa that share commonalities in the tools and tactics employed. Off-the-shelf, commodity malware was used, adding a level of anonymity to attacks and making it harder to link attacks together or attribute them to any one group of attackers. Additionally, most of the attacks leveraged living off the land tactics, making use of legitimate tools such as PowerShell, PsExec, and RDP.



These attack campaigns were discovered through alerts generated by Symantec’s Targeted Attack Analytics which uses advanced AI to spot patterns associated with targeted attacks.

To read the full Threat Intelligence Report please go to https://www.symantec.com/blogs/threat-intelligence/african-financial-attacks

ends

© Scoop Media

 
 
 
World Headlines

 

Gordon Campbell: On The Anti-Corbyn Split In British Labour

The resignation of seven UK Labour MPs in protest against the leadership of Jeremy Corbyn is another example of the centre-left’s readiness to sabotage its own cause ... More>>

Gordon Campbell: On Why We Shouldn’t Support The US-Led Coup In Venezuela

There’s a decidedly retro feel to the US-engineered coup now unfolding in Venezuela, which looks like a throwback to the 1950s, back when the US could overthrow any country (Iran 1953, Guatemala 1954) that posed a problem (or presented an opportunity) for US corporate interests. More>>

ALSO:

The Gili Islands: A Community Earthquake Recovery Effort

Joseph Cederwall travelled to the Gili Islands in October 2018 to talk to locals about their experiences of the event and witness the impact and the rebuild efforts on this unique ecotourism destination. More>>

Gordon Campbell: On The Ongoing Carnage In Gaza

The past month has devoted a lot of space to the best music and films of 2018, and far less to the past year’s human rights violations. The under-reporting on the ongoing carnage in Gaza has been a case in point. More>>

ALSO:

New Report: Refugees In PNG Being Pushed To The Brink

Refugee Council of Australia and Amnesty International paint a stark picture of a traumatised refugee population hit hard by Australia's recent healthcare and counselling service cuts, as well as continued threats to their safety. More>>

ALSO: