Meet the new scam from your friend the Nigerian Prince

Data Jimmy Nicholls

16:37, July 21 2014


The man's improved his tools, but he's not much more subtle.

Fraudsters responsible for the infamous "Nigerian Prince" scams have begun distributing trojan viruses, according to a report by security firm Palo Alto.

The so-called Silver Spaniel campaign makes use of remote access tool (RAT) NetWire to control Windows, Mac or Linux systems, with most target companies based in Taiwan or South Korea.

Ryan Olson, intelligence director at Palo Alto, said: "These Silver Spaniel malware activities originate in Nigeria and employ tactics, techniques and procedures similar to one another.

"The actors don't show a high level of technical acumen, but represent a growing threat to businesses that have not previously been their primary targets."

Hackers are said to be using social engineering techniques to trick victims into installing the malware, in line with their previous 419 scams named after the relevant Nigerian penal code.

Viruses are distributed through email attachments, with DataScrambler software allowing them to escape detection by antivirus programmes.

Despite this attackers are failing to conceal their identities and infrastructure, with one scammer posting questions about the malware through his Facebook and Twitter accounts, which have since been removed.

Palo Alto advised network managers to block executables, consider inspecting emails for malicious traffic and train users to beware unknown attachments.

"At this time we do not expect Silver Spaniel actors to begin developing new tools or exploits, but they are likely to adopt new tools made by more capable actors," the company added.

Source: Company Press Release


Post a comment

Comments may be moderated for spam, obscenities or defamation.