SilverTerrier Cybercrime Gang Behind BEC Attacks
A year-long international investigation has resulted in the arrest of the suspected head of the SilverTerrier cybercrime group by the Nigeria Police Force.
“The suspect is alleged to have run a transnational cybercrime syndicate that launched mass phishing campaigns and business email compromise schemes targeting companies and individual victims,” Interpol said in a statement.
Operation Delilah, as the coordinated international effort is called, involved tracking the 37-year-old Nigerian man’s physical movements, before he was apprehended at Murtala Muhammed International Airport in Lagos in March 2022.
Singapore-headquartered cybersecurity company Group-IB said it provided threat intelligence that led to the arrest as part of the police operation that commenced in May 2021.
According to Palo Alto Networks’ Unit 42, which also assisted in the probe into SilverTerrier activity, the unnamed suspect is said to have been active since 2015 and involved in the creation of over 240 domains, of which 50 were used to provide command-and-control for malware such as LokiBot.
Unit 42 also noted that the criminal actor evaded arrest during a prior sting by fleeing Nigeria in June 2021 only to be caught when trying to get back home earlier this March. Furthermore, he attempted to sell his Autobiography Special Edition Range Rover for 5.8 million Naira (about $14,000) on Facebook before leaving the country.
The development is the third in a series of law enforcement actions aimed at the identification and arrest of the suspected members of the SilverTerrier gang (aka TMT).
In November 2020, three alleged members of the group were arrested for compromising at least 500,000 government and private sector companies in more than 150 countries since 2017. This was followed by the arrests of 11 more members earlier this year as part of an operation dubbed Falcon.
[출처 : TheHackerNews / 5.25.]