A number of worrying notifications from banks in the Sub-Saharan Africa region have cybersecurity experts concerned that Silence has arrived on the continent.
Silence Group is an organisation of cybercriminals that has been active since 2016. A report from Group-IB in 2019 called the group “one of the most sophisticated threat actors not only in Russia, but also in the Americas, Europe, Africa, and especially Asia”.
It is believed that Silence Group is Russian.
The group employs a variety of hacking techniques but appears to prefer spear-phishing tactics. The attack begins with an email which contains malware.
The malicious file is downloaded on to a bank employee’s machine and from their Silence waits and observes. The group gathers screenshots, emails and information about the target’s day-to-day activities before Silence takes action.
Once it does, Silence siphons money – often amounting to millions – before cashing out at ATMS.
“Silence group has been quite productive in the past years, as they live up to their name; their operations require an extensive period of silent monitoring, with rapid and coordinated thefts. We noticed a growing interest of this actor group in banking organisations in 2017 and since that time the group would constantly develop, expanding to new regions and updating their social engineering scheme,” says security researcher at Kaspersky, Sergey Golovanov.
If stealing millions in cash wasn’t enough, Silence is also out to steal sensitive information while it gathers data before an attack.
Kaspersky reports that it detected a number of malware attacks on banks in the Sub-Saharan Africa region in the first week of January. Based on the malware used, Kaspersky believes that Silence is about to begin the final stage of its attack and cash out.
The cybersecurity firm believes the attacks are ongoing and target several large banks in the region.
“We urge all banks to stay vigilant, as apart from the large sums Silence group also steal sensitive information while monitoring the Banks activity as they video record screen activity. This is a serious privacy abuse that might cost more than money can buy,” concludes Golovanov.
Silence Group was hard at work in 2019 targeting banks in Chile, Bulgaria, Costa Rica, Ghana and India. With sights now reportedly set on Sub-Saharan Africa banks and those in the financial sector would do well to remain vigilant.[Image – CC 0 Kristina Flour via Unsplash]