A Nigerian working alone around Abuja has stirred a global hunt as he orchestrated numerous malware infection campaigns targeting more than 4,000 organisations globally over the past four months, a cyber security company claimed.
www.Securityweek.com quoting Check Point security researchers said the attacks targeted various companies in industries such as oil & gas, manufacturing, banking, and construction, in an attempt to steal data and commit fraud.
Many of the companies are leading international names and some have had their defenses breached by the attacks, the security researchers reveal.
According to Check Point, at least a dozen companies confirmed they have been infected during the campaign, including a marine and energy solutions company in Croatia, a transportation company in Abu Dhabi, a mining company in Egypt, a construction company in Dubai, an oil & gas firm in Kuwait, and a construction organization in Germany.
Despite the large scale campaign, behind it is not an expert gang of cybercriminals or a nation state actor, but “a relatively unskilled man in his mid-20s, operating from a location near the capital of Nigeria,” Check Point discovered.
Working on his own, the Nigerian uses fraudulent emails seemingly coming from oil and gas giant Saudi Aramco, the world’s second largest daily oil producer. The phishing messages target financial departments within companies in an attempt to trick employees into revealing company bank details or into opening a malware-infected attachment.