Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management

Nigerian Police Bust Gang Planning Cyberattacks on 10 Banks

3 Nigerian Gang Members Were Arrested and 1 From France Absconded, Police Say
Nigerian Police Bust Gang Planning Cyberattacks on 10 Banks
Alleged members of a cybercriminal syndicate (Source: Nigerian Police Special Fraud Unit)

The Nigerian Police Special Fraud Unit - or PSFU - says it has busted a criminal syndicate, preventing cyberattacks against at least 10 banks in the country.

See Also: The Expert Guide to Mitigating Ransomware & Extortion Attacks

The alleged mastermind, 52-year-old Kehinde Oladimeji, was caught and arrested by the police, along with 27-year-old Olanrewaju Adeshina and 42-year-old Kolapo Stephen Abiodun, the police statement says. Another alleged syndicate member, Chibuzor Holland, who the police say came from France to execute this cybercrime, absconded.

The Sting Operation

The police made the arrests on March 30 as the result of a sting operation conducted by the police unit's commissioner, Anyasinti Nneka. The operation was based on intelligence received from "a leading New Generation Bank who is also a member of PSFU's Stakeholders' Forum," the statement says.

At the time of the arrest, the gang members were recruiting an information and technology department employee at a bank "to perfect the hacking of the bank's network/posting application with [an] intent to pull-out huge sums of money," according to the statement.

Abiodun, a former IT department employee at the same bank that the syndicate was planning to target, asked an unnamed current employee of the same bank's IT department to "leave critical gateways open on the Bank's server for the syndicate to gain unauthorized access into the network and move money out using Python application and Zoom," the statement says.

In return, the employee was offered 200 million naira (approximately $473,500) and a visa to an undisclosed destination.

During the sting operation, the PSFU also recovered several phones and other electronic devices from the accused. A forensic analysis of these devices showed that the syndicate had picked 10 banks "to be hacked using a similar method once the first attack [was] successful," the statement says. The gang also had personal and corporate bank account details, it says, "which they ought not to have."

The case is being prosecuted by the Federal High Court of the Lagos Judicial Division.

The PSFU did not respond to Information Security Media Group's request for additional details.

Interpol and EFFC Bust 'Killer Bee'

In a separate incident, the Nigerian police, as part of an internationally coordinated sting operation, have busted another cybercriminal gang, which Interpol calls "Killer Bee."

The suspects are three middle-aged Nigerians, arrested for allegedly carrying out cyberfraud across Southeast Asia using Agent Tesla, a remote access Trojan, Interpol says.

The three accused arrested by the EFCC (Source: Interpol)

The operation was a coordinated effort between the Economic and Financial Crimes Commission of Nigeria, Interpol, the National Central Bureaus and law enforcement agencies of 11 countries across Southeast Asia, according to Interpol.

The operation was initiated after Interpol's private sector partner Trend Micro provided operational intelligence to the agency about the "emergence and usage of Agent Tesla malware" in this case. Agent Tesla was found on the mobile phones and laptops of the syndicate members that were seized by the EFCC during the bust.

"Through its global police network and constant monitoring of cyberspace, Interpol had the globally sourced intelligence needed to alert Nigeria to a serious security threat where millions could have been lost without swift police action," Interpol Director of Cybercrime Craig Jones says in the statement. "Further arrests and prosecutions are foreseen across the world as intelligence continues to come in and investigations unfold."

The syndicate, operating from the west coast of Africa, targeted corporates, including oil and gas companies in Southeast Asia, the Middle East and North Africa, the statement says. Interpol adds that using Agent Tesla, the syndicate rerouted "financial transactions," which helped them steal confidential online details linked to these corporates.

The three arrested individuals also had several fake documents, "including fraudulent invoices and forged official letters," Interpol says.

The statement says that one of the scammers, Hendrix Omorume, has been convicted of three counts of serious financial fraud and faces 12 months in prison. The two other men are still on trial.

"Cybercrime is spreading at a fast pace, with new trends constantly emerging. Through operations like Killer Bee, Interpol supports EFCC in keeping pace with new technologies and understanding the possibilities they create for criminals and how they can be used as tools for fighting cybercrime," says EFCC Director of Operations Abdulkarim Chukkol.

"The enforcement actions led by Nigeria and coordinated with Interpol send a clear message that cybercrime will have serious repercussions for those involved in business email compromise fraud, particularly in Nigeria," Chukkol adds.

In May, the Nigerian police also charged a 37-year-old man with running a criminal syndicate tied to massive business email compromise and phishing campaigns (see: Suspected Business Email Compromise Ringleader Busted).


About the Author

Mihir Bagwe

Mihir Bagwe

Principal Correspondent, Global News Desk, ISMG

Bagwe previously worked at CISO magazine, reporting the latest cybersecurity news and trends and interviewing cybersecurity subject matter experts.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.