Hackers are running a Business Email Compromise campaign in Asia, the Middle East and the US to steal money!



According to the well-known security software company Trend Micro, hackers are running a BEC (Business Email Compromise) campaign with the help of the Olympic Vision keylogger. The hackers are targeting companies in Asia Pacific and the Middle East, and Trend Micro's security experts have also seen some cases in the United States. This is a malware-based campaign, and the hackers are targeting head employees of companies.

In a BEC (Business Email Compromise) attack, hackers use malware to hijack the victims' email accounts. Once they gain access to an official's email account, they can send emails requesting financial transactions. Hackers can also steal sensitive company data, but in this campaign they are focusing on financial transactions. These attacks have been traced back to Kuala Lumpur and Lagos, security researchers said.

At first, this type of attack was called the “Man-in-the-E-mail Scam”. That name was a bit confusing, so it was changed to BEC in order to focus on the business angle. In this attack, hackers mostly target companies that work with foreign suppliers and conduct their transactions through email. These payments are called wire transfer payments.



How are BEC attacks happening?

The security researchers of Trend Micro said, “Hackers are targeting head employees of companies by sending them a malicious email. Hackers are sending a keylogger within the email. Once they get access to the victim’s account, they trick other employees, business partners and suppliers into performing wire transfer payments. Hackers are spreading a keylogger named “Olympic Vision” through the emails. Hackers have targeted key employees of 18 different countries to date.”

Hackers send emails to business partners and suppliers from the compromised email accounts. In these emails, they write that there is a problem with the recipient's recent bank transfer. By tricking the recipients this way, the hackers collect important information related to financial accounts and then carry out illegal transactions.

Trend Micro published a report: “Hackers are targeting key employees of 18 different companies by sending them the “Olympic Vision” keylogger through an email. Actually, hackers are running a BEC (Business Email Compromise) campaign in the Middle East, Asia and the United States. Hackers have high social engineering skills, therefore they are targeting employees with the help of spear phishing. Hackers are spreading info-stealing malware to access the wire transfer payments.”

A Brief note on “Olympic Vision” Malware

According to the security researchers of Trend Micro, “Olympic Vision is a keylogger and it is not very costly. It is available on the black market for just 25 dollars. It is also not a very advanced threat, but it has many features due to which it is capable of stealing a variety of important information from its target. It has two main functions. First, it records the keystrokes, and second, it is capable of taking screenshots after a few seconds in order to steal information.” Researchers also said that this is the fourth malware they have seen in BEC attacks.

Security researchers of Trend Micro said that they are tracing the users of the “Olympic Vision” keylogger and have successfully traced the identities of two Nigerian bad actors. One of them was operating this malware from Lagos and the other from Kuala Lumpur.

BEC (Business Email Compromise) attacks are a big threat to companies. According to an FBI study, companies have lost over a billion dollars in the past two years just because of these attacks. The theft of 55 million US dollars at FACC is the biggest example of a BEC attack.