Nigeria cybercrime syndicate targeting 50,000 firms busted, 11 suspects arrested – Interpol

A high network cybercrime syndicate operating in Nigeria known as SilverTerrier, has been busted.

Eleven people suspected to be members of the gang were also arrested and found with 800,000 passwords targeting 50,000 companies and individuals, according to the latest report from Interpol released on Wednesday.
The international policing agency said the suspects appeared to have targeted as many as 50,000 different individuals and companies via so-called “Business Email Compromise.”
They are said to operate by intercepting emails, either via hacking into accounts or spoofing email addresses, and trick companies into sending funds to the fraudsters rather than business partners with whom they believed they were interacting.
BEC is said to remain the most costly kind of fraud to Americans.
According to the FBI’s most recent annual cybercrime report, losses totalled $1.8 billion in 2020 alone, with global losses estimated to be close to $5 billion in the years between 2018 and 2020. That makes it a far more financially damaging crime than ransomware, one of the better-known kinds of cyberattack.
The SilverTerrier gang is known as one of the more successful BEC fraud groups, said Interpol, adding that initial analysis of one of the 11 suspects’ computers indicated they were in possession of more than 800,000 usernames and passwords, which could potentially have been used to hack into company email accounts.
Another suspect was found to be monitoring conversations between 16 companies and their clients to divert legitimate transactions just as they were about to be made, Interpol said.
Nigeria’s assistant inspector general of police Garba Baba Umar said that working with Interpol, he was able to “give the order to hunt down these globally active criminals nationwide, flushing them out no matter where they tried to hide in my country.”
The report also quoted Craig Jones, Interpol’s director of cybercrime, as saying, “Interpol is closing ranks on gangs like SilverTerrier. As investigations continue to unfold, we are building a very clear picture of how such groups function and corrupt for financial gain… We know where and whom to target next.”
The report also stated that Money Team Cybersecurity company Palo Alto Networks tracked all BEC fraud coming out of Nigeria under the name SilverTerrier and found that among the nearly 500 different “actors” involved, they were “often connected through only a few degrees of separation on social media platforms,” showing links between over 120 actors.
Forbes also in the same report quoted Palo Alto as saying it had assisted in the Interpol investigation and provided details on some of the individuals arrested.
“This operation was novel in its approach in that it didn’t target the easily identifiable money mules or flashy Instagram influencers who are typically seen benefiting from these schemes. Instead, this operation focused predominantly on the technical backbone of BEC operations by targeting the actors who possess the skills and knowledge to build and deploy the malware and domain infrastructure used in these schemes,” the company post read.
The company claimed that one of those arrested had previously been apprehended by the FBI in 2018.
“His recent arrest marks one of the first known instances of a Nigerian actor being arrested twice for BEC,” it added. Another suspect was part of an organization called “The Money Team” or TMT , which has ostensibly legitimate businesses, including one that makes professional cakes and another that claims to be one of Nigeria’s biggest travel and tour providers.
Palo Alto claimed one of those arrested in Nigeria for BEC fraud was helping run a seemingly legitimate business.
“After compromising a patient zero, fraudsters analyzed their email correspondence. By enabling special filtering of emails, the cybercriminals ensured that interesting emails (containing payment information) addressed to the victim are first redirected to fraudsters’ fake email boxes or are hidden from the victim in service directories,” a company spokesperson told Forbes.
Group-IB provided Forbes with an example phishing email, showing how the gang posed as legitimate employees and encouraged swift payment into their bank accounts.