3 October 2017

Nigeria: Cyber Attacks - Nigeria Jumps to 9 Spot As Banking Trojans Wreck Havoc

Lagos — Nigeria remains amongst the top ten countries at highest risk of cyberattack, currently sitting at number nine on the list after having climbed one position from last month according to Check Point Software Technologies Ltd August Global Threat Impact Index released at the weekend.

It revealed that banking trojans were extensively used by cyber-criminals during August, with three variants: The Zeus, Ramnit and Trickbot banking trojans all appeared in the top ten. These Trojans work by identifying when the victim is visiting a banking website, and then use keylogging or webinjects to harvest basic login credentials or more sensitive information such as PIN numbers.

Alternatively, Trojans may also direct victims to fake banking websites designed to mimic the legitimate ones and steal credentials that way. The August Global Threat Impact Index also revealed that Globeimposter, a ransomware disguised as a variant of the Globe ransomware, was the world's second most prevalent malware throughout the month.

In Nigeria, the study discovered that Roughted, a large scale Malvertising was used to deliver various malicious websites and payloads such as scams, adware, exploit kits and ransomware to attack any type of platform and operating system, and utilises ad-blocker, bypassing and fingerprinting in order to make sure it delivers the most relevant attack.

On the second spot was Virut, one of the major botnets and malware distributors in the Internet. It is used in DDoS attacks, spam distribution, data theft and fraud. The malware is spread through executables originating from infected devices such as USB sticks as well as compromised websites and attempts to infect any file accesses with the extensions .exe or .scr. Virut alters the local host files and opens a backdoor by joining an IRC channel controlled by a remote attacker.

Also, it found out Fireball, adware vastly distributed by the Chinese digital marketing company Rafotech acts as a browser-hijacker which changes the default search engine and installs tracking pixels, but can be turned into a full-functioning malware downloader. Fireball is capable of executing any code on the victim machines, resulting in a wide range of actions from stealing credentials to dropping additional malware.

Financial gain is the major motive for the vast majority of cybercrime, and unfortunately criminals have a wide range of tools at their disposal to achieve this," said Doros Hadjizenonos, country manager of Check Point South Africa.

. "To see both a highly effective ransomware variant and a range of banking Trojans in the top ten most prevalent malware families really underlines how tenacious and sophisticated malicious hackers can be in their attempts to extort money. Organisations need to be both vigilant and proactive in order to protect their networks."

"It's vital for organisations to be alert to these shifting threats, to simultaneously keep their defenses up against well-known malware families, new variants and new zero-day threats. This requires a multi-layered cybersecurity strategy, which can respond to a broad range of continually evolving attack types," added Hadjizenonos.

Nigeria

'Rape Conviction Review Aimed At Discouraging Perpetrators'

The National Human Rights Commission has described the upward review of conviction on rape from a minimum of three years… Read more »

Copyright © 2017 Leadership. All rights reserved. Distributed by AllAfrica Global Media (allAfrica.com). To contact the copyright holder directly for corrections — or for permission to republish or make other authorized use of this material, click here.

AllAfrica publishes around 900 reports a day from more than 140 news organizations and over 500 other institutions and individuals, representing a diversity of positions on every topic. We publish news and views ranging from vigorous opponents of governments to government publications and spokespersons. Publishers named above each report are responsible for their own content, which AllAfrica does not have the legal right to edit or correct.

Articles and commentaries that identify allAfrica.com as the publisher are produced or commissioned by AllAfrica. To address comments or complaints, please Contact us.