Africa sees increase in ransomware, botnet attacks – but online scams still pose biggest threat

Fraud is still the primary goal of cybercriminals operating across the continent, Interpol warns in latest market report

Online scams are still the biggest cyber threat to African citizens, a new report has revealed, though ransomware attacks are “expanding rapidly” across the continent.

The study (PDF), published by Interpol yesterday (October 25), found that internet-enabled fraud was the biggest risk to African countries, which have reported a sharp increase in the number of online banking scams, including instances of banking and credit card fraud, in 2021.

Digital extortion – defined as “allegations of sexually compromising images or direct blackmail campaigns” – was the second highest recorded cyber threat.

Business email compromise (BEC) scams have also risen in prominence during the Covid-19 pandemic, due in part to the increase in businesses and organizations relying on bank wire transfers.

Better connected

The number of African citizens with access to the internet is estimated to be around 500 million, a huge figure in itself, though it equates to only 38% of the overall population.

Leading the way is Kenya with 83% of its population being online, Nigeria with 60%, and South Africa with 56%.

Fraud has historically been an issue across the continent – in particular, phishing campaigns and romance scams – however the report found that the increase in digitization across Africa has created new avenues for crime.

The report reads: “… the move towards a digital society – particularly within the African region – has created new attack vectors for criminals to both obfuscate their identity and target new victims.”

Ransomware rising

While social engineering remains the most popular attack vector in Africa, the study found that instances of ransomware and botnet attacks are also rising.

Ransomware is the fourth most prevalent cyber-attack identified in the report, which states that more than 61% of companies in the region were…


Microsoft calls blockchain domains ‘the next big threat’

“The next big threat” is how Microsoft’s latest annual security report characterizes domain names written into a distributed ledger maintained across a constellation of computers instead of stored in a traditional, centralized registry.

Storing domain names on a blockchain can make them difficult to shut down or even trace to their owners. It also leaves them inaccessible without special software or settings.

“In recent years, we have observed blockchain domains integrated into cybercriminal infrastructure and operations,” the report says, nodding to Microsoft’s experience last spring disrupting a botnet called Necurs.

That botnet used a domain-generating algorithm to create new hosts in bulk—including under the .bit blockchain top-level domain, leaving them unable to be policed like a .com or other standards-compliant domain.

The potential for abuse led a group called OpenNIC, which promotes alternatives to the traditional domain-name system, to vote in 2019 to block the .bit domain lest the organization be “directly responsible for the creation of a whole new class of malware.”

Adds Microsoft’s report: “This trend of threats leveraging blockchain domains as infrastructure with the means to create an undisputable criminal network should be taken seriously.”

Can’t stop ’em

Among proponents of a decentralized internet, meanwhile, you’ll see a common response to the critique that blockchain domains can’t be taken down: Yes, that’s correct.

As the sales pitch on the homepage of one blockchain-domain registrar, Unstoppable Domains, reads: “Unlike traditional domains, Unstoppable Domains are fully owned and controlled by the user with zero renewal fees ever (you buy it once, you own it for life!).”

It quotes one-time registration fees ranging from $20 to $100 under such blockchain top-level domains as .crypto, .wallet, .coin, .888 and .x, although costs can escalate dramatically for shorter, more memorable domains. For example, potomacriver.x would cost $100 versus $7,500 for potomac.x.

Over email, Unstoppable Domains CEO Matthew Gould rejected the idea that his San Francisco-based company is an irresponsible actor. He noted the company’s…


The fragile internet is a threat to the economy

Tae Kim is a Bloomberg Opinion columnist covering technology.

It has been a rough few months for the internet.


Google Gets a Jump on Cyber Awareness Month with Repeated Zero Day and High Rank Threat Disclosures

In seeming anticipation of Cyber Awareness Month in October, Google began a series of “Whack-a-Mole” updates to address a spate of Chrome security flaws. Each time it knocked a batch down, more popped up. In the first week of October, Google announced it had found the 12th and 13th zero day exploits of 2021, affecting Linux, macOS, and Windows users – just days after number 11 was made public. More disclosures of high ranking exploits have since followed at what seems to be an accelerating pace.

“Zero day” exploits are particularly dangerous because hackers are aware of – and can exploit – them before security patches are available to fix them. With 2.65 billion Chrome users worldwide and a 65% market share, these newest Chrome zero days left an awful lot of users exposed to danger until Google released fixes. And since many organizations take some time to roll out new versions of their browsers, many users will be exposed to these vulnerabilities for quite a while.

Browsers are designed to execute all web code only within the browser, and nowhere else on the device. Browser security vulnerabilities are dangerous in that they allow code to “jump” from the browser to the device and execute there.

Use-After-Free Vulnerabilities

A number of the latest zero day exploits and high-rated threats were Use-After-Free (UAF) vulnerabilities, which are some of the most dangerous software vulnerabilities around.

Normally, when an application finishes using memory, that memory is returned to the free memory list. In a UAF, the application goes on using a reference to that memory after it has been freed, and the attacker has gained access to the memory address. This allows them to insert malicious code into memory that has been freed for other use – code which can cause all kinds of harm.

Additionally, since the memory isn’t wiped clean after a UAF has been exploited, the attacker can continue to read contents of memory of the device, including sensitive customer or organization data.
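
The reuse described above, modelled safely as an added C example (not from the article or from Chromium): a toy slot pool stands in for the heap, and every name and sample string in it is constructed for illustration. It shows a stale reference reading another owner's data once the freed slot is handed out again, and a generation check that rejects the stale reference.

```c
#include <stdio.h>
#include <string.h>

#define SLOTS 4

/* Toy pool standing in for the heap: a freed slot becomes available
   again and is handed out by the next allocation. */
struct slot { char data[32]; unsigned gen; int in_use; };
static struct slot pool[SLOTS];

/* What the application keeps instead of a raw pointer. */
struct handle { int idx; unsigned gen; };

struct handle pool_alloc(const char *contents) {
    for (int i = 0; i < SLOTS; i++) {
        if (!pool[i].in_use) {
            pool[i].in_use = 1;
            snprintf(pool[i].data, sizeof pool[i].data, "%s", contents);
            return (struct handle){ i, pool[i].gen };
        }
    }
    return (struct handle){ -1, 0 };
}

/* Hardened access: refuses handles whose generation no longer matches. */
const char *read_checked(struct handle h) {
    if (h.idx < 0 || h.idx >= SLOTS) return NULL;
    if (!pool[h.idx].in_use || pool[h.idx].gen != h.gen) return NULL;
    return pool[h.idx].data;
}

void pool_free(struct handle h) {
    if (read_checked(h) == NULL) return;  /* ignore stale or double free */
    pool[h.idx].in_use = 0;
    pool[h.idx].gen++;                    /* invalidates outstanding handles */
    /* contents are NOT wiped, as with a real free() */
}

/* Unsafe access: trusts the stale index, like a dangling pointer. */
const char *read_unchecked(struct handle h) { return pool[h.idx].data; }

int main(void) {
    struct handle session = pool_alloc("session: alice");
    pool_free(session);                                   /* freed, handle kept */
    struct handle other = pool_alloc("secret: api-key");  /* reuses the slot */
    printf("unchecked: %s\n", read_unchecked(session));
    printf("checked:   %s\n", read_checked(session) ? "valid" : "rejected (stale)");
    printf("owner:     %s\n", read_checked(other));
    return 0;
}
```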

More Than Chrome Can Be at Risk

The most recent zero day was in the core code known as Chromium. Chromium is an open-source browser that is maintained primarily by Google. Google adds features to Chromium for its Chrome browser, and other…