Global cybersecurity leader Trend Micro Incorporated has announced that its close cooperation with INTERPOL on the organisation’s Africa Cyber Surge II operation has led to the identification of more than 20,000 suspicious cybercrime networks across 25 countries on the continent.
Cybercrime is a global phenomenon with a long history in Africa. The Nigerian 419 scam was for years a staple of email-based fraud, and today its modern successors range from phishing and business email compromise (BEC) to romance scams. As countries across the continent digitise at a rapid pace, local criminal gangs are realising they have a potentially massive pool of victims to target both at home and abroad.
“There is often a misconception around how threat actors are not present on the continent. But it would be a mistake to underestimate cybercriminals in Africa. In fact, it’s become critical for organisations in both the public and private sectors to work together to fight against the growing onslaught of malicious online activity. That’s why Trend Micro welcomes the opportunity to work with law enforcement to shut down local cybercrime operations,” says Emmanuel Tzingakis, Technical Lead, African Cluster at Trend.
Following a successful campaign to counter cybercrime on the continent last year, the policing alliance ran a four-month sequel beginning in April 2023. Law enforcers in 25 countries participated, under the auspices of the INTERPOL Africa Cybercrime Operations Desk and INTERPOL’s Support Programme for the African Union in relation to AFRIPOL (ISPA). Police made 14 arrests and identified a massive 20,674 suspicious cybercrime networks linked to losses of over $40m.
Along with the alliance partners, Trend Micro was able to share information on: 3,786 malicious command and control servers, 14,134 victim IPs linked to data stealer cases, 1,415 phishing links and domains
The information provided by Trend Micro to investigators offers insights into current trends within the African threat landscape. During the most recent African Surge operation, the following was uncovered by the Trend Micro team:
The malicious infrastructure of 1,500 malicious IP addresses through Trend’s Global Threat Intelligence. These were located mainly in South Africa (57%), Egypt (14%), the Seychelles (5%), Algeria (5%) and Nigeria (4%). These IPs were linked to notorious malware families including Quakbot and Emotet, which are key enablers of ransomware and other threats.
Around 200,000 detections of malicious traffic in the first quarter of 2023, linked to scams (44%), malware (25%), phishing (17%) and command-and-control servers (13%). Most of these were facilitated by bulletproof hosting services in the Seychelles (140,000 detections) and South Africa (56,000).
Information about prolific offshore bulletproof hosting such as 1337team Limited (48%), Petersburg Internet Network Ltd (19%) and Flokinet Ltd (13%)
Information on the ELITETEAM bulletproof hosting based in the Seychelles, which we linked to threat activity including Redline Stealer, Agent Tesla, Azorult Stealer, and Racoon Stealer, as well as generic ransomware and backdoors.
Intelligence requested by INTERPOL on at least 10 suspects engaging in fraud and BEC. Through open-source tooling and crosschecking of entities such as mobile numbers, email addresses, names, aliases, IP addresses, and social media accounts, Trend Micro was able to provide invaluable assistance to investigators.
“The African Surge operation is a testament to what can be achieved when cybersecurity vendors and law enforcers work together to disrupt cybercrime networks. Trend will continue to leverage our threat intelligence to drive key insights around criminal activities in Africa and beyond, helping to put a stop to their exploitation of unsuspecting victims,” concludes Tzingakis.
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro’s cybersecurity platform protects hundreds of thousands of organisations and millions of individuals across clouds, networks, devices, and endpoints.
Editorial2 months ago
Breaking Barriers: Ogbeide Ifaluyi-Isibor Sets a New Agenda in Edo State’s Ministry of Digital Economy, Science & Technology
Editorial2 months ago
Lagos, a Goldmine for the Youths: Team Nigeria for Change Hosts Transformative Workshop with Governor Sanwo-Olu
Editorial Opinion2 months ago
LASTMA Impounds Over 200 Unregistered Vehicles in 48 Hours as Lagos Begins Crackdown
News2 months ago
SERAP develops 10-Point Action Plan on Promoting Transparency and Accountability in the Use of Public Funds in Nigeria with Focus on the Niger Delta
Business3 months ago
Trade Minister, Uzoka-Anite links ability to attract investment to Tinubu’s commitment to Nigeria’s industrialization
Agribusiness3 months ago
Poultry Farmers lament economic hardship, seek Govt intervention
Agribusiness3 months ago
See Nigeria’s 8 most traded agric products
Aviation1 month ago
Canadian embassy suspends operations in Nigeria, issues travel advisory