Cyber crims use COVID-19 to target home-based workers
He is known as Actor X, a married father of three, an ex-serviceman with a university degree and a nice house in Owerri in Nigeria.
And he is actively stealing money from Australians almost every single day and we can't yet arrest him.
News Corp Australia has learnt authorities have identified 480 lead figures, including Actor X, they collectively have codenamed "Silver Terrier", a Nigerian mob actively attacking home computers and state and federal government agency networks to steal identities and money in the fog of COVID-19.
The Australian Signals Directorate today launched an offensive against these figures to disable their infrastructure and block access to stolen information but their network is vast and any arrest unlikely.
ASD Director-General, Rachel Noble said cyber criminals were expected to continue targeting Australians through their COVID-19 themed malicious activities.
"Our offensive cyber campaign has only just begun and we will continue to strike back at these cyber criminals operating offshore as they attempt to steal money and data from Australians," Ms Noble said.
She then added her teams were working closely with telecommunication, IT companies and web browser firms like Google and Microsoft to flag sites as malicious before they can be visited.
One of the world's leading cyber security groups the United States headquartered Palo Alto Networks has been working with government and law enforcement authorities in dozens of countries, notably Australia, and made alarming discoveries about the leading malware Silver Terrier group.
Sean Duca, the group's Vice President and Regional Chief Security Officer for Asia Pacific and Japan, said Silver Terrier and Actor X have produced a whopping 81,300 malware samples linked to 2.1 million attacks.
He said 480 figures were being tracked including Actor X who;
• held an undergraduate degree from the Federal University of Technology in Owerri (FUTO);
• completed a year of national service with the National Youth Service Corps in Nigeria;
• is in his early 40s;
• is married with three children and poses as a legitimate businessman of "technical services".
He has registered more than 480 domains for the purpose of supporting other threat actors, as well as his own fraudulent activities and has built over 90 email accounts with common email providers such as Microsoft, Yahoo, and Google.
Last year alone they launched an average 92,739 attacks a month globally; in Australia his paw print was on 627 samples of malware for 7032 attacks on Australian networks.
The top three targeted industries in Australia include state and local government (councils), which comprised 44 per cent of attacks, followed by education (18 per cent) and wholesale/retail (11 per cent).
Palo Alto last November worked with the Australian Federal Police to take down cyber criminals but building cases was slow going and there can be jurisdictional issues.
"It is unfortunate that the speed and velocity to which someone can actually launch an attack, that same speed and velocity can't actually be used to incarcerate someone who has actually been exposed and called out," Mr Duca said.
Originally published as Cyber crims use COVID-19 to target home-based workers