Latest Report from Palo Alto Networks Unit 42
Nigerian email scammers seem old school and their Nigerian Prince 419 exploits quaint set against today’s worries about new breeds of sophisticated hackers working on an industrial scale and even state sponsored adversaries.
But the latest research by Palo Alto Network’s threat intelligence arm Unit 42 brings the Nigerian Prince scammers back into sharp focus and reveals how they’ve grown rather than declined as a threat.
For example, in 2017 they did an average of 17,600 attacks per month, representing a 45 percent increase on 2016. These led to losses against businesses and individuals of more than US$3 billion (Source: FBI).
The new Unit 42 report uncovers how Nigerian cyber adversaries have modernized their approach to cybercrime, heavily using multiple commodity malware tools among other trends.
Other key findings from the report include:
- SilverTerrier actors are mostly mature adults, not children or teenagers. They range in age from their 20s to 40s with few exceptions, and the vast majority are estimated to be in their 30s
- Information stealing malware families remain common, with SilverTerrier actors producing an average of 840 samples per month
- This represents a 17 percent year-over-year increase, with Agent Tesla, LokiBot and Pony standing out as the most popular tools in the category
- SilverTerrier actors have begun to incorporate RATs into their criminal activities at a significant rate, the data shows these actors can produce an average rate of 146 samples per month.
- This represents a 49 percent increase over previous years, with the three most popular tools being DarkComet, NetWire and NanoCore.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.