Security researchers recently uncovered a Nigerian scam ring that operates a “wire-wire” attack, after members of the group infected themselves with their own malware.
According to a report by IEEE Spectrum, the scammers used the attack to steal hundreds of thousands of US dollars from small and medium-sized businesses worldwide.
“We’ve gotten unprecedented insight into the very nitty-gritty mechanics of their entire operation,” says James Bettke, a researcher at SecureWorks.
The attack uses compromised corporate email accounts to execute fraudulent financial transactions.
SecureWorks discovered the attacks after five of the scammers self-infected their computers with the key-logger malware used in their attacks.
The malware loaded screenshots and keystrokes from compromised computers to an open-web database.
SecureWorks found the database by using the virus scanning tool VirusTotal to search for suspicious email attachments, stated the report.