Kaspersky security researchers, who claim to have reported on thousands of notifications of attacks on major banks located in the sub-Saharan Africa (SSA) region, are now accusing some unknown Russian hackers for using a malware to attack banks in Sub-Saharan Africa.
The company claimed the malware used in the attacks indicates that “the threat actors” are “most likely” to be an infamous Silence hacking group, previously known to be responsible for the theft of millions of dollars from banks across the world.
The firm said in a statement it syndicated to media houses across Africa on Monday morning that the Silence group is one of the most active Advanced Persistent Threat (APT) actors, which has carried out a number of successful campaigns targeting banks and financial organisations around the Globe.
It added those affected could seek help from their experts as they alone could secure African banks.
The company said: “the typical scenario of the attack begins with a social engineering scheme, as attackers send a phishing e-mail that contains malware to a bank employee. From there the malware gets inside the banks’ security perimeter and lays low for a while, gathering information on the victim organisation by capturing screenshots and making video recordings of the day to day activity on the infected device, learning how things work in the targeted banks. Once attackers are ready to take action, they activate all capabilities of the malware and cash out using, for example, ATMs. The score sometimes reaches millions of dollars.