Cybersecurity Incidents Tracking

A malicious actor created a fake portal for the 2023 General Election in Nigeria, using a domain with a spelling error (Recriutment) and phishing for users' personal information. The same domain has been hosting similar fake platforms since 2022, targeting users in Nigeria, Ghana, and Kenya with fake youth empowerment, jobs, visa sponsorship, and grants from presidential aspirants. The malicious actor uses a URL shortener (Lyupz) to hide the main domain and distributes the links through WhatsApp Groups, relying on unsuspecting users to share them with others

January 2023

PHISHING / DATA COLLECTION

A Federal agency experienced a ransomware incident on one of its internet-facing servers where all files in the shared folder got encrypted. The ransom note read the files have been encrypted by 0XXX Virus and victims can buy decryption for $ 300 USD in bitcoin by sending the unique ID to sergev_petrov1983@mail.ru

January 2023

RANSOMWARE

Hackers transferred over ₦2.9 billion from Flutterwave accounts in early February 2023. Flutterwave reported the case to the police and filed a suit to freeze accounts in 27 financial institutions in Nigeria where some of the money was moved. Flutterwave denied the hack and claimed that no user lost any funds. It also said it invests heavily in security measures such as audits, certifications, and licenses. Some Twitter users confirmed that their accounts were frozen or locked as a result of the hack. Some also questioned Flutterwave’s security and transparency

March 2023

BREACH AND STOLEN FUNDS

Babcock University's Information Management System (UIMS) Account was hacked and the website was defaced with pornographic content

March 2023

DEFACEMENT

The Leadway Assurance hack was an attempted cyberattack on the Leadway Assurance Company Ltd., a leading Nigerian insurance company, in April 2023. The attack was allegedly carried out by the ALPHV ransomware group, a cybercriminal gang that encrypts and steals data from its victims. Sample data released to the dark web

April 2023

RANSOMWARE

A controversial LinkedIn post by David Sennaike about Nigeria's Financial Institutions and the plethora of vulnerabilities on which they operate generated a lot of comments and received mixed reactions from Cybersecurity leadership across the Financial Space.

May 2023

CONTROVERSIAL DISCLOSURE

The Ogun State Government website was defaced with a message hinting the technical team to update their security.

July 2023

DEFACEMENT

Globacom Nigeria's recent ransomware attack was a cyberattack on Globacom Nigeria Ltd., a leading Nigerian telecommunications company, in July 2023. The attack was allegedly carried out by a known ransomware group (ALPHV), a cybercriminal gang that encrypts and steals data from its victims. The hacker, who is demanding $2.5m, claims to have been in control of the network for 12 days undetected

July 2023

RANSOMWARE

On August 1, 2023, Anonymous Sudan declared on their Telegram channel that it would launch cyberattacks on Nigeria’s vital information systems. This was in response to Nigeria’s participation in ECOWAS’s recent instructions to the Nigerien military to hand over power to the democratically elected government of the Niger Republic. This planned attack began on the 2nd of August, with MTN Nigeria leading the victim list and a partial service outage was observed by customers and users of various services

August 2023

DDOS