- The National Information Technology Development Agency (NITDA) has raised alarms about a new banking malware, Grandoreiro, threatening African financial institutions and their customers.
- Originating in Latin America, this sophisticated malware leverages phishing techniques to infiltrate banking systems and compromise sensitive user information.
- Grandoreiro operates by deceiving users into sharing critical banking details, such as account passwords and personal identification numbers (PINs). Once activated, the malware tracks user activities, records keystrokes, and transmits stolen data to cybercriminals, potentially leading to severe financial losses.
NITDA has urged financial institutions to reinforce their cybersecurity frameworks. Recommendations include deploying advanced threat detection systems, conducting regular security audits, and educating staff on identifying and countering potential cyber threats.
As African banks continue to digitise their services, the importance of robust cybersecurity measures cannot be overstated. Regulatory bodies, financial institutions, and individual customers must collaborate to build a resilient defense against the evolving landscape of cybercrime.
Compounding these external threats are internal vulnerabilities within financial institutions. In the second quarter of 2024, Nigerian banks terminated 49 employees due to their involvement in fraudulent activities, marking a 40% increase from the previous quarter.
The emergence of Grandoreiro in Africa highlights the growing sophistication of cyber threats targeting the continent's financial sector. In recent years, African banks have become prime targets for cybercriminals employing advanced tactics to exploit system vulnerabilities. For instance, in April 2024, Equity Bank in Kenya suffered a significant breach where hackers stole approximately $1.3 million through a coordinated debit card fraud scheme.
Similarly, in Ghana, the Africa Centre for Digital Transformation (ACDT) alerted financial institutions about potential cyber threats following a global software failure involving major cybersecurity firms. The ACDT emphasised the importance of proactive measures to safeguard against such threats, highlighting the region's susceptibility to cyberattacks.
In June 2024, South Africa's First National Bank (FNB) cautioned that cybercriminals are increasingly using advanced phishing tactics to target users of digital wallets. The bank highlighted that the criminals are not leveraging any security deficiency but rather employing "phishing and smishing" tactics to trick users into sharing sensitive information, enabling them to load physical card details such as plastic number, expiry date, and card verification value (CVV) onto their digital wallets.
NITDA's warning serves as a crucial reminder for both financial institutions and their customers to remain vigilant. Customers are advised to be cautious of unsolicited emails or messages requesting personal banking information and to verify the authenticity of such communications before responding. Financial institutions should invest in advanced threat detection systems and provide continuous training to staff to recognize and respond to potential cyber threats effectively.
As cyber threats continue to evolve, a collaborative approach involving regulatory bodies, financial institutions, and customers is imperative to strengthen the resilience of Africa's banking sector against such malicious activities.