Meet the new scam from your friend the Nigerian Prince


by Jimmy Nicholls| 21 July 2014

The man's improved his tools, but he's not much more subtle.

Fraudsters responsible for the infamous "Nigerian Prince" scams have begun distributing trojan viruses, according to a report by security firm Palo Alto.

The so-called Silver Spaniel campaign makes use of remote access tool (RAT) NetWire to control Windows, Mac or Linux systems, with most target companies based in Taiwan or South Korea.

Ryan Olson, intelligence director at Palo Alto, said: "These Silver Spaniel malware activities originate in Nigeria and employ tactics, techniques and procedures similar to one another.

"The actors don't show a high level of technical acumen, but represent a growing threat to businesses that have not previously been their primary targets."

Hackers are said to be using social engineering techniques to trick victims into installing the malware, in line with their previous 419 scams named after the relevant Nigerian penal code.

Viruses are distributed through email attachments, with DataScrambler software allowing them to escape detection by antivirus programmes.

Despite this attackers are failing to conceal their identities and infrastructure, with one scammer posting questions about the malware through his Facebook and Twitter accounts, which have since been removed.

Palo Alto advised network managers to block executables, consider inspecting emails for malicious traffic and train users to beware unknown attachments.

"At this time we do not expect Silver Spaniel actors to begin developing new tools or exploits, but they are likely to adopt new tools made by more capable actors," the company added.

Source: Company Press Release

Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

792 people like this.
2211 people follow this.

Security Intelligence

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.