Cybercriminals Target X, Nigeria Fights Cyberattacks, Threat Actors Attack
A fresh new month, a brand new starting. Yes, it is the month of February, and some of you are aiming to crush your Q1 2025 goals, while others are getting a bit tired of the 2025 New Year resolution rush. Businesses, brands, and e-commerce platforms are running lucrative offers to lure consumers into splurging their hard-earned money on retail therapy.
Unfortunately, threat actors are lurking around, waiting for that one careless click or that ignorant download you make, which will help them invade your system. So, businesses and individuals, be highly cautious of all those emails and messages that you receive. Know that only your knowledge and caution can save you from those malicious cyberattacks.
It’s the first bulletin of the month, and this week, we are going to talk about the recent attacks on the high-profile X accounts. We will also focus on how Nigeria is standing tall and strong amidst the increasing cybercrime attacks across Africa. Lastly, we will try to understand why certain cybercriminals are targeting the Microsoft ADFS.
Let’s not wait anymore!
Cybercriminals targeting high-profile X accounts for committing crypto fraud!
There’s a one-click phishing campaign doing the rounds on X (formerly Twitter). Threat actors are targeting high-profile X users such as political figures, renowned journalists, and X employees. The core idea is to hijack their profiles and then carry out cryptocurrency fraud. Sentinel Labs uncovered this ongoing threat attack that is dominant on X.
However, they believe that the threat campaign can also be spread across other social media platforms. The cybercriminals basically want to leverage the reach of all these big accounts. Scammers hack into these high-impact accounts so that they can easily target naive people with crypto scams to make some quick and easy money.
The moment a hacker gains access to any of these high-profile accounts, they lock out the legitimate user and start posting fraudulent and misguiding cryptocurrency opportunities. They can even share external links to malicious websites. These websites are designed with crypto-theft-related themes to attract additional targets. The main reason behind targeting high impact profiles on X is to reach out to a wider audience base as well as maximize their financial gain.
Threat actors are using different types of phishing lures, such as the ‘account login’ notice through emails, to make users believe that someone has logged into their X account from an unfamiliar device. A malicious link is also shared, clicking upon which scammers will gain access to your X credentials.
Similarly, copyright-violation emails are also sent out to create a sense of panic among the users, whereby the users are asked to share their credentials.
Nigeria stands tall against cyberattacks!
Africa is currently grappling with increasing cases of cyberattacks. However, Nigeria has decided to combat cybercriminals more strictly. In the past year, Nigerian authorities have arrested over 1000 threat actors who were involved in cyber frauds and scams. EFCC, or the Economic and Financial Crimes Commission in Nigeria, has prosecuted around 42 foreign nationals who had allegedly carried out romance and cryptocurrency frauds. Nigerian authorities had also carried out a massive raid to bust a cybercrime syndicate of around 800 people.
Nigeria is standing tall against the threat actors at a time when the entire African continent is experiencing over 3200 attacks every week. Ethiopia tops the chart as the riskiest country in Africa for cybercrime, while Nigeria comes at number 19.
Experts believe that Africa is highly prone to cyberattacks as compared to other countries. The reason beyond this is rapid digitization and lack of skilled workforce. As of now, there are only 20,000 qualified cybersecurity engineers across the continent. Experts have also witnessed a special trend in which some of the threat actors prefer testing their new malicious tactics in African countries first before attacking other nations.
Threat actors attack Microsoft Active Directory Federation Services
Experts at Abnormal Security have recently found out that a sophisticated campaign is being run to exploit Microsoft’s ADFS in order to break into the multifactor authentication system and gain access to Microsoft user accounts. Currently, the threat actors are focusing on 150 organizations. The majority of these are educational establishments that depend primarily on ADFS for authentication processes across different cloud-based and on-premise systems.
Threat actors continue to target Microsoft Active Directory Federation Services (ADFS), making it crucial for organizations to implement strong cybersecurity measures, including email authentication protocols like DMARC, SPF, and DKIM, to mitigate phishing and spoofing attacks.
The high-end campaign leverages spoofed emails, which direct naive users to malicious Microsoft ADFS log-in pages. The moment a victim enters their credentials and shares the MFA code, threat actors get easy access to that particular account. Potential targets of this sophisticated campaign get fake emails that appear to be coming from Microsoft’s IT help desk. The emails often carry a sense of urgency and compel the users to have a look at something that requires their immediate attention.
