How Nigerian cyber criminals have evolved
Posted on 22.07.2014
Cyber criminals in Nigeria have evolved common malware campaigns to infiltrate businesses that have not previously been their primary targets, according to Palo Alto Networks.

Nigerian criminals are infamous for running easily-spotted "419" phishing scams that attempt to collect credit card details or personal information from individuals, but over the past few years have expanded their skills to target businesses using more advanced techniques.

While the attack techniques used by this group are unsophisticated compared to nation state and advanced cyber crime actors, they deploy many of the same tools.

Among other techniques, Nigerian criminals use Remote Administration Tools (RATs) available through underground forums, including commercial RATs such as NetWire, that provide complete control over infected systems.

Attacks similar to Silver Spaniel in the past may have come from Eastern Europe or a hostile espionage group; businesses haven't traditionally dedicated resources to these potentially impactful spammers from Nigeria.

Traditional antivirus programs and legacy firewalls are ineffective because Silver Spaniel attacks are specifically designed to evade those technologies.

"These Silver Spaniel malware activities originate in Nigeria and employ tactics, techniques and procedures similar to one another. The actors don't show a high level of technical acumen, but represent a growing threat to businesses that have not previously been their primary targets." - Ryan Olson, Unit 42 Intelligence Director, Palo Alto Networks.

To protect against the NetWire RAT, Palo Alto Networks has released a free tool to decrypt and decode command and control traffic and reveal data stolen by Silver Spaniel attackers, available at GitHub.





Spotlight

Whitepaper: Zero Trust approach to network security

Posted on 20 November 2014.  |  Zero Trust is an alternative security model that addresses the shortcomings of failing perimeter-centric strategies by removing the assumption of trust.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Nov 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //