A series of targeted attacks against the financial sector in Francophone nations in Africa from at least July 2022 to September 2022 have been connected to the cybercrime organisation known as Bluebottle.
The Hacker News received a report from Symantec, a division of Broadcom Software. “The organisation makes considerable use of living-off-the-land, dual use tools, and commodity malware, with no unique malware deployed in this campaign,” the report stated.
The cybersecurity company claimed that the activity aligns with a threat cluster known as OPERA1ER, which between 2018 and 2022 launched hundreds of assaults on banks, financial services providers, and telecom firms in Africa, Asia, and Latin America.
The toolset employed, the attack infrastructure, the lack of custom malware, and the targeting of French-speaking countries in Africa all contribute to the attribution read the complete article Bluebottle Cybercrime Group Preys on Financial Sector in French-Speaking African Nations.