Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner.

Killer Bee stings Nigerian cybercrime in oil hack

© Supplied by InterpolA police man and two EFCC agents walk past cars
Interpol and the Economic and Financial Crimes Commission (EFCC) have arrested three Nigerians in connection to cyber crime against oil and gas companies. Picture shows; EFCC operatives in Nigeria. Nigeria. Supplied by Interpol Date; 30/05/2022

Interpol and the Economic and Financial Crimes Commission (EFCC) have arrested three Nigerians in connection to cybercrimes against oil and gas companies.

The three men used a malicious Remote Access Trojan (RAT), known as Agent Tesla, the agencies said. Interpol said the men had used the RAT to “reroute financial transactions” and steal confidential details from companies.

Those targeted were from Southeast Asia, the Middle East and North Africa.

Interpol launched its global operation, named Killer Bee. The EFCC arrested the three in a sting operation, in a Lagos suburb and in Benin City.

“Through its global police network and constant monitoring of cyberspace, Interpol had the globally sourced intelligence needed to alert Nigeria to a serious security threat where millions could have been lost without swift police action,” said Interpol director of cybercrime Craig Jones.

Jones said the agency expects to carry out more arrests around the world, with more intelligence coming in.

A Nigerian court has convicted one of the three and sent him to prison for 12 months. The other two are on trial.

New trends

“Cybercrime is spreading at a fast pace, with new trends constantly emerging. Through operations like Killer Bee, Interpol supports EFCC in keeping pace with new technologies and understanding the possibilities they create for criminals and how they can be used as tools for fighting cybercrime,” said EFCC director of operations Abdulkarim Chukkol.

The EFCC official said the action sent “clear message that cybercrime will have serious repercussions for those involved in business email compromise fraud, particularly in Nigeria”.

The Singapore government supported Killer Bee, which was led by the ASEAN Cybercrime Operations Desk.

Interpol received intelligence on the RAT malware from Trend Micro.

Partners include Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Nigeria, Philippines, Singapore, Thailand and Vietnam.

The three arrested are 31 to 38 years old, EFCC said.

Malwarebytes reported on a Nigerian cybercrime ring in early May that used Agent Tesla. The software company reported the ring leader was born in 1985.

The Nigerian Tesla group stole more than 800,000 credentials from 28,000 victims, it said.

“In this case we see an interesting evolution from a threat actor that was performing the classic advance-fee scam (419 scam) before moving into the malware distribution world, more or less for the same end goal,” said Malwarebytes.

While the threat is real, the Nigerian scammer made a number of mistakes. “The attacker managed to infect his own machine,” Malwarebytes said. He also managed to reveal his own IP address, pointing to an address in Lagos.

Recommended for you

More from Energy Voice

Latest Posts