Banks, financial services providers, and telecommunication companies from 12 African countries lost $11 million to hacking attacks between 2018 and 2022. This is according to a new report by Singapore-based cyber security firm Group IB and French telecommunications company Orange.
The attacks mainly targeted Francophone countries including Cote d’Ivoire, Mali, Burkina Faso, Benin, Cameroon, Gabon, Niger, Nigeria, Senegal, Sierra Leone, Togo and, in East Africa, Uganda. Outside the continent, Argentina, Bangladesh and Paraguay were also victims of the attack.
The French-speaking attacker was codenamed OPERA1ER, but also used other names such as names DESKTOP-group and Common Raven. The group, which comprises an unknown number of attackers, traces its roots back to 2016 when it registered its first domain. Unlike most modern hackers, OPERA1ER relied on well-known off-the-shelf tools. The gang managed to carry out more than 30 successful attacks on various institutions.
The report was completed in 2021 when the operator was still carrying out attacks. As soon as OPERA1ER noticed Group-IB’s increasing interest, they reacted by deleting their accounts and other actions to cover their tracks.
The hackers unleash most of the cyber-attacks over the weekends or during public holidays, possibly because it’s more difficult to stop fraudulent transactions or stop an attack on these days.
Rustam Mirkasymov, head of cyber threat research at Group-IB’s European Threat Intelligence & Research Center said, “Even if someone detects an attempt to withdraw money, during the weekend it is not easy to stop them and get the money back.”
The report says that the techniques used by attackers are not very sophisticated and rely solely on publicly available tools.
“According to our calculations, the total amount of damage ranges from $30 million to $50 million. However, this could be even more,” Rustam said.