Nigerian Serial Scammers Exposed by Own Malware

Two Security researchers from Secureworks, Joe Stewart and James Bettke, recently discovered a Nigerian scam ring.

They were eventually caught in their own web after several years of operation. The ringleader unknowingly infected his computer with the same malware that they want unsuspecting victims to download.
This vulnerability made it possible for the researchers to monitor the ringleader for several months. Information concerning his contacts, tools, messages, his victims and the amount of money transferred were revealed, according to Bettke’s account.

A more refined version of the Business Email Compromise (BEC) scam was employed by the criminals. It is also known as wire-wire which involves picking random email addresses from public sources and attacking them with malware so that they are easily accessible. After the attack, if a victim orders for anything through email, the group hijacks it and altered details are sent to the victim. The group consists of over 30 members with earnings around $3 million annually.

According to a published report, the duo have this to say:

After the fact, it can take awhile before the customer and seller realize they’ve been scammed—often, neither buyer or seller realizes that something is amiss until the shipment or payment is overdue. Given their vantage point, Stewart and Bettke have tried to alert some businesses to the scam before the fraudulent transactions are complete, but they sometimes have a hard time persuading employees that they aren’t scammers themselves.
The EFCC is already aware of this development, and at least one active investigation is ongoing.