Global stocks sank Wednesday after US President Donald Trump said he was not satisfied with talks that are aimed at averting a trade war with China. Equities were also dented by poor eurozone economic data, and as Trump cast doubt on a planned summit with North Korean leader Kim Jong Un. “Trump (is) continuing to drive uncertainty over global trade,” said analyst Joshua Mahony at trading firm IG. “European markets are following their Asian counterparts lower, as a pessimistic tone from Trump is compounded by downbeat economic data,” he added. Markets had surged Monday after US Treasury Secretary Steven Mnuchin and Chinese Vice Premier Liu He said they had agreed to pull back from imposing threatened tariffs on billions of dollars of goods, and continue talks on a variety of trade issues. However, Trump has declared that he was “not satisfied” with the status of the talks, fuelling worries that the world’s top two economies could still slug out an economically pain...
Nigerian hackers, grouped as Gold Galleon, are menacing shipping firms and bleeding them of thousands of dollars. Network security firm Secureworks has red-flagged the group, whose focus appears solely to be the maritime industry.
The group, according to a report by Maritime Executive, an online platform, uses basic email scams and publicly available hacking software to try to steal hundreds of thousands of dollars from unsuspecting ship managers and service providers.
Secureworks said Gold Galleon is a group of about 20 individuals who work together to hack maritime firms all over the world using basic techniques. They rent hacking tools for just a few dollars per month; they communicate via Skype; and they identify targets using online company directories and commercially-available contact lists.
While the criminal gang uses an online proxy service to disguise its location, several cues indicate that it is of Nigerian origin, Secureworks said. The group communicates in pidgin, an English creole language, and it uses phrases assocated with a Nigerian social organization called the “Buccaneeers Confraternity” for usernames and passwords.
Once the group has identified a new target, it sends a spearphishing email carefully tailored to the recipient. The email has an attachment containing malware, which deploys on the unsuspecting victim’s computer and logs his or her keystrokes, recording the username and password for the victim’s business email account. Once the account is compromised, the group uses a software tool to collect all the email addresses with which that user has had an interaction, and it sets itself up to intercept business transactions between the user and his or her clients. Many maritime firms use email to handle invoicing and payment details.
When the Gold Galleon group sees payment details relayed on an invoice in a compromised email account, it intercepts the invoice, alters the account numbers to direct the money to its own “mule” bank account instead, and uses a similarly-worded email address to send the altered request on its way to the intended recipient. Often, the buyer will not detect the change to the sender’s email address and the bank details, and will simply pay the fraudulent invoice.
Comments
Post a Comment