Source: Trend Micro website. |
In its Piercing the HawkEye: Nigerian Cybercriminals Use a Simple Keylogger to Prey on SMBs Worldwide report, the company said that two Nigerian hackers, dubbed "Uche” and “Okiki”, target small and medium sized businesses (SMBs) around the world with Hawkeye, a cheap keylogger*.
Most of the companies targeted by HawkEye are companies from developing countries such as India and Iran as they have many SMBs. Hong Kong accounts for 5% of the victims however, suggesting the territory's continued vulnerability as a target.
In the case of the operations run independently by the two Nigerian cybercriminals the attack typically includes these steps:
Build rapport with victims through a series of emails prior to delivering the a file attachment that contains suspect software (malware). The attachment is disguised so the victim is unaware of the attack on their system.
Hawkeye is used to steal email and website credentials, as well as logging keystrokes.
Cover tracks by using methods such as multiple email accounts.
Hawkeye is used to steal email and website credentials, as well as logging keystrokes.
Cover tracks by using methods such as multiple email accounts.
"It doesn’t take an advanced malware to disrupt a business operation. In fact, even a simple keylogger is enough to do it. The series of malware attacks launched by the duo dispels the notion that only very large enterprises are vulnerable to cybercrime attacks. SMBs are also at risk, smaller regional offices may be exploited as a means to reach the global office," said Trend Micro in a statement.
Need background?
Need background?
More details can be found in the report
*A keylogger is software that records everything that is typed into a computer. It can be useful for details such as passwords and other login information. HawkEye costs about US$35.