Cybercrime Group OPERA1ER Stole $11M From 16 African Businesses

Published: 23/11/2024   Category: security




One attack used 400 mule accounts to steal money by making fraudulent withdrawals, researchers say.



At least 16 African banks, financial services, and telecommunication companies have been identified as victims of the French-speaking threat group OPERA1ER, which has stolen at least $11 million since 2018. 
A new report from Group-IB explains that it has been tracking OPERA1ER's activities since 2019 but waited to publish its findings until the group resurfaced after a 2021 break. Now the gang is back in action, the analysts explain, allowing Group-IB to document OPERA1ER TTPs from 2019 through 2021, as well as the latest iteration in 2022.

The researchers reported that OPERA1ER has successfully breached the targets' systems at least 30 times since 2018. As an example of the group's sophistication and coordination, the report added, one of the group's attacks used more than 400 mule accounts to make fraudulent money withdrawals.
The group doesn't use exotic malware. In fact, the researchers said in the report that OPERA1ER's hallmark is easily accessible open source malware and everyday red-team frameworks like Metasploit and Cobalt Strike. OPERA1ER delivers remote access Trojans (RATs) through French-language email phishing lures and takes its time gathering intelligence about its victims before cashing out, the report added.
"Detailed analysis of the gang’s recent attacks revealed an interesting pattern in their modus operandi: OPERA1ER conducts attacks mainly during the weekends or public holidays," Rustam Mirkasymov, head of cyber-threat research at Group-IB Europe, said in a statement. "It correlates with the fact that they spend from three to 12 months from the initial access to money theft."
Mirkasymov added the gang could be based out of Africa and the total number of OPERA1ER group members is unknown. 
