Security

Nigeria's EFCC takes action against cyber-crime with a 24-hour reporting desk for citizens. (Image source: Adobe Stock)

Nigeria's anti-corruption agency, the Economic and Financial Crimes Commission (EFCC), is intensifying its efforts against cyber-crimes by enabling residents to report offenses around the clock

This will be facilitated through a 24-hour Cybercrime Rapid Response Desk, designed to receive and swiftly respond to information on cyber-crimes from the public. The desk will be accessible via both local and international phone numbers.

"Cyber-crime is not a crime against individuals and businesses. It is an assault on our collective integrity, economic stability, and the future of our youth," stated Nigeria's First Lady, Oluremi Tinubu. "It is therefore crucial that we address these challenges head-on and explore not only the harmful consequences of cyber-crimes but also the sustainable alternatives that can redirect our youths towards productive and positive endeavours."

With over 60% of Nigeria’s population being young people, Tinubu highlighted that youth involvement in cyber-crime poses a significant threat to the nation's economic stability. The perpetrators of these crimes, often referred to locally as 'Yahoo Boys,' are primarily tertiary graduates struggling to secure formal employment.

The Nigeria Communications Commission reports that cyber-criminal activities cost the country an estimated US$500mn annually. This initiative by the EFCC aims to curb cyber-crime, safeguarding Nigeria’s economic stability and promoting positive and sustainable paths for the youth.

Kaspersky warns of the growing threat from the Grandoreiro banking trojan, targeting financial institutions and cryptocurrency wallets globally. (Image source: Adobe Stock)

Kaspersky, a leading global cybersecurity and digital privacy firm, has issued a warning about the Grandoreiro banking trojan, a growing threat worldwide 

Active since 2016, Grandoreiro has targeted over 1,700 financial institutions and 276 cryptocurrency wallets across 45 countries just this year. This accounts for about 5% of the year’s total banking Trojan attacks. Adding to the concern, a newly discovered "light version" of the malware has already affected around 30 banks in Mexico.

Several African nations, including Algeria, Angola, Ethiopia, Ghana, Côte d'Ivoire, Kenya, Mozambique, Nigeria, South Africa, Tanzania, and Uganda, have also fallen victim to Grandoreiro's attacks.

An evolving cyber threat

Following an INTERPOL-led operation that helped Brazilian authorities arrest some operators behind the Grandoreiro banking trojan, Kaspersky discovered that the malware’s codebase has been split into lighter, more fragmented variants to continue their activities. This fragmentation has contributed to the rise of financial institution attacks in Mexico this year. The creators of the malware likely retain access to its source code and are now launching new campaigns using this simplified legacy version.

“These recent developments highlight the dynamic nature of the threat. The emergence of these lighter versions could signal a trend that might expand beyond Mexico, potentially spreading to other regions, including outside Latin America,” said Fabio Assolini, head of Kaspersky’s Latin American Global Research and Analysis Team (GReAT). “However, it appears that only a select group of trusted affiliates have access to the source code, which allows them to develop such lighter variants. Grandoreiro operates differently from the typical ‘Malware-as-a-Service’ model; it isn’t advertised in underground forums, and access to it seems highly restricted.”

Multiple Grandoreiro variants, including the light version and the main malware, are now responsible for a significant portion of global banking trojan attacks, making it one of the most prevalent cybersecurity threats today, according to Kaspersky.

After analysing new Grandoreiro samples from 2024, Kaspersky observed fresh tactics aimed at evading detection. The malware now tracks mouse activity to replicate real user behavior, fooling machine-learning security systems into treating the activity as legitimate. By imitating natural mouse movements, Grandoreiro attempts to bypass anti-fraud tools.

Moreover, Grandoreiro has employed a cryptographic method called Ciphertext Stealing (CTS), which Kaspersky reports as a first in the malware world. This technique is used to encrypt malicious code strings, enhancing its stealth.

To combat financial malware like Grandoreiro, Kaspersky's security experts recommend several key measures for organisations, including enforcing a Default Deny policy for critical user profiles, providing employees with cybersecurity awareness training, and deploying protection solutions for mail servers with anti-phishing capabilities, such as Kaspersky Security for Mail Server.

For individuals, Kaspersky advises staying vigilant—avoid opening suspicious messages, only install apps from trusted sources, and never grant permissions or rights without confirming they align with the app's functionality. Additionally, using a reliable security solution like Kaspersky Premium is essential for protection. 

GITEX GLOBAL 2024 showcases cutting-edge cybersecurity innovations and solutions as industry leaders unite to combat rising threats. (Image source: Adobe Stock)

After an action-packed two days at GITEX GLOBAL 2024, Wednesday showcased an incredible program focused on current and future cybersecurity landscapes, featuring insights from leading experts

Running from October 14-18 at the Dubai World Trade Centre (DWTC), GITEX GLOBAL is the largest tech event in the world, celebrating its record-breaking 44th edition in 2024 with over 6,500 exhibitors, 1,800 startups, 1,200 investors, and government representatives from more than 180 countries.

As the biggest international edition of GITEX GLOBAL reached its midpoint, “Cybersecurity Day” dominated the Wednesday agenda. The event featured a series of keynote speeches, fireside chats, and panels addressing urgent challenges, emerging threats, and innovative solutions for individuals, businesses, industries, and nations globally.

Addressing the cybercrime challenge

With global cybercrime damages projected to hit $10.5 trillion annually by 2025, the tech community is united in its mission to create a stronger defense. This resolve was evident at GITEX GLOBAL as top CISOs, CIOs, and GRC leaders gathered to discuss strategies for establishing a formidable global defense.

In 2024, AI-driven fraud in the finance sector has surged by 40%, presenting unprecedented challenges. One highlight of Wednesday was the conference session titled “AI-Driven Digital Fraud: Safeguarding the Finance Industry’s Future,” which explored how emerging technologies are being leveraged to combat this evolving threat.

Dr Mohamed Al Kuwaiti, head of cybersecurity for the UAE Government, shared insights on the impressive threat mitigation efforts in the UAE, having neutralised millions of attacks this year alone. He emphasised AI’s transformative role in cybersecurity, stating to the GITEX Tech Waves Podcast: “Cyber awareness is crucial – and AI is changing the game. The UAE is a financial hub that faced 71 million attacks in Q1 2024. We are resilient and thwarted these with early threat detection through AI. It’s a hugely beneficial technology alongside our great partnerships with the world.”

Todd Conklin, chief AI officer & deputy assistant secretary, cybersecurity & critical infrastructure protection at the US Department of the Treasury, echoed similar sentiments about AI’s benefits. He remarked, “The US Treasury runs the largest payments ecosystem in the entire world. We’ve leveraged AI models to reduce fraud by almost US$600mn in the last six months. It’s becoming increasingly critical in the counter-fraud space.”

Exploring new opportunities

With 88% of exhibiting startups making their GITEX GLOBAL debut and over 230 new partnerships formed between various entities, the event continues to serve as a catalyst for global collaboration. By Wednesday, more than 13,000 pre-arranged meetings had already taken place, with many more expected as companies unveil transformative solutions.

Huawei highlighted its critical infrastructure and cloud tech solutions, with Dr Aloysius Cheang, chief security officer for the Middle East & Central Asia at Huawei, noting that the company faces an average of 12 billion cyberattacks daily. He urged organizations to adopt a cybersecurity culture centered on security and privacy.

Kaspersky showcased its innovative Cyber Immunity approach and advanced threat intelligence solutions, while Fortinet presented products from its cybersecurity platform portfolio. Solutions by stc introduced visitors to emerging technologies that add value for customers.

Day three of GITEX GLOBAL 2024 also featured exciting activations and conferences at GITEX Cyber Valley, the premier cybersecurity exhibition hosted by the UAE Cyber Security Council. A highlight session featured Brett Johnson, a former cybercriminal turned expert, who shared insights during “Scamming the Scammer: Inside the Mind of a Cybercriminal.” Live Hacks showcased ethical hackers performing AI-powered hacks, while Santiago Lopez, the world's first million-dollar hacker, provided guidance on turning hacking skills into a profitable career in another engaging session.

Looking Ahead

GITEX GLOBAL 2024 continues Thursday with “Data Centres Universe,” bringing together thought leaders to discuss the future of data management and infrastructure. Sessions will explore the latest data technologies and sustainable energy solutions, emphasising data centres' crucial role in supporting the rapid growth of digital services.

Most Read

Latest news