TheCable

An unnamed Nigerian has allegedly orchestrated numerous malware infection campaigns targeting more than 4,000 organisations globally over the past four months.

This has stirred a global manhunt to apprehend the attacker, NAN reports.

Quoting Check Point, the report said the attacks targeted various companies in industries such as oil and gas, manufacturing, banking, and construction, in an attempt to steal data and commit fraud.

It was learnt that some of the companies who confirmed that they have been infected during the campaign, including a marine and energy solutions company in Croatia, a transportation company in Abu Dhabi, a mining company in Egypt, a construction company in Dubai, an oil and gas firm in Kuwait, and a construction organization in Germany.

The attacks which resulted in a total of 14 successful infections has earned thousands of dollars in the process to the Nigerian attacker, the report said.

it further says that despite showing a low level of cyber-skills, using crude and unsophisticated fraudulent emails, with almost no research or social engineering involved in creating them, the attacker was successful in his attempts.

“A relatively unskilled man in his mid-20s, operating from a location near the capital of Nigeria,” security experts said.

“The fact that the campaign was still effective, despite using only basic cyber-criminal techniques, highlights just how much of a problem these business email compromise (BEC) attacks have become.

“This highlights the need for all organisations to improve their security to protect against phishing and business email compromise scams, and to educate their employees to be cautious about opening emails, even from companies or individuals that they recognise.”