"Smooth 'Opera1er': French-Speaking Gang Steals $11 Million"

A French-speaking gang has been linked with stealing at least $11 million from African banks. According to a new report from the cybersecurity firm Group-IB and the CERT Coordination Center at the French multinational telecommunications giant Orange, the criminal syndicate codenamed "Opera1er" is still "active and dangerous." Group-IB researchers codenamed the gang Opera1er after an email account frequently used by the gang to register domains, while the Society for Worldwide Interbank Financial Telecommunication, also known as SWIFT, dubbed it Common Raven in 2020. According to Group-IB, the gang stole at least $11 million between 2018 and 2022, and the actual amount of damage could be as high as $30 million. Financial services and telecommunications firms in Argentina, Bangladesh, Burkina Faso, Cameroon, Gabon, Ivory Coast, Mali, Niger, Nigeria, Paraguay, Senegal, Sierra Leone, Togo, and Uganda have been victims. The group prefers to target victims on weekends or during public holidays. Group-IB and Orange CERT-CC are releasing their findings, including tactics, techniques, procedures (TTPs), and indicators of compromise, to assist organizations, particularly banks, in detecting attacks associated with this group. In addition, they say that a number of other security researchers, including the Polish cyber threat intelligence expert Przemysaw Skowron, as well as researchers in Belgium, France, and Switzerland, and the Russian hosting provider Internet Hosting Center, have assisted in tracking the group. Their plans to detail the group's activities were paused after the attackers appeared to notice that they were being tracked and deleted a number of accounts as well as changed their TTPs. This article continues to discuss findings surrounding the Opera1er French-speaking gang.

GovInfoSecurity reports "Smooth 'Opera1er': French-Speaking Gang Steals $11 Million"