SilverTerrier BEC members arrested in Nigeria

SilverTerrier BEC members
Written by Emma Davis

Interpol announced the international operation Falcon II, during which 11 Internet scammers were detained, including several members of the SilverTerrier BEC group (aka TMT), which has existed since 2019.

The term BEC (Business Email Compromise) attacks refers to cases when attackers start a correspondence with a company employee in order to gain his trust and convince him to perform actions that harm the interests of the company or its customers. For this are used hacked employee accounts or addresses that are visually similar to the company’s official addresses, but differ by a few characters.

The operation was carried out jointly by the Interpol Global Financial Crime Task Force and law enforcement agencies in Nigeria, as well as with the participation of a number of private information security companies, including Group-IB and Palo Alto Networks.

SilverTerrier BEC members

Experts say that the operation was a continuation of the earlier Falcon I, carried out by Interpol and the Nigerian police in November 2020.

At that time, three criminals were detained, allegedly they were related to the TMT group, which is credited with compromising 500,000 email addresses of public and private companies around the world.experts of Group-IB reported.

The investigation continued, and some of the cybercriminals identified by information security specialists remained at large at that time.

Experts at Palo Alto Networks in Singapore reportedly made significant contributions to both operations by sharing information about members of the SilverTerrier group, identifying the attackers’ infrastructure, collecting digital evidence of crimes committed and data confirming their identities.

The Falcon II operation lasted 10 days (from December 13 to 22), and to apprehend the criminals, the Nigerian police sent 10 of their employees from the headquarters located in the capital of the country, Abuja, to the cities of Lagos and Asaba.

An Interpol press release highlights that after forensic analysis of data extracted from suspects’ phones and computers seized during searches, 11 people were found to be linked to attacks on more than 50,000 targets.

So, one of the detainees had more than 800,000 credentials of potential victims stored on a laptop. Another arrested person monitored communications between 16 companies and their clients and redirected all their money transfers to accounts belonging to the SilverTerrier group. Another hacker has been involved in email compromise campaigns against organizations in West Africa, including those in Nigeria, the Gambia and Ghana.

Let me remind you that we reported that Russian authorities say members of REvil hack group arrested at US request, and also that Ukrainian Cyber Police captured another group of ransomware distributors.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply

Sending