Although law enforcement agencies around the world frequently identify new malicious hacking teams, very few of those groups are considered to be real cybersecurity threats. In Kenya, a newly identified group of malicious hackers has begun to attract attention due to the skills of its members, as well as for its predilection for attacking financial institutions.
The group, tracked as SilentCards, is located in Nairobi, Kenya’s capital city. These hackers have been linked to the theft of millions of Kenyan shillings, obtained by attacking the financial sector operating in the African country, especially hacking banks and ATMs, as well as having some attack international campaigns recorded in its history.
In its annual cybercrime report, cybersecurity firm Group-IB identifies SilentCards as one of today’s top global threats: “Only five hacker groups pose real threats to the global financial sector; Cobalt, Silence, MoneyTaker, Lazarus and SilentCards,” the report says.
The first four groups listed in the Group-IB report have been active for years and are sponsored either by the Russian or the North Korean governments, so they are fully consolidated and have the most sophisticated hacking tools. On the other hand, the report mentions that, while SilentCards hackers do not have the most advanced technological developments, their methods are as effective as those of State-sponsored groups, positioning Kenya as one of the main global cybercrime centers.
One of the main heists attributed to SilentCards occurred in April 2019, when nearly 11 million Kenyan shillings (about $109k USD) were stolen from multiple ATMs operated by Absa Bank using the attack technique known as jackpotting. Another incident attributed to SilentCards dates back to 2018, when a hacker group managed to access a local bank’s credit card processing systems to make illegitimate transfers for up to 400 million shillings (more than $3.9 million USD).
In addition to the high success rate of their malicious campaigns, another factor that worries cybersecurity specialists is the expansion of SilentCards, as hackers are constantly looking to recruit new members through hacking forums or other platforms online for computer enthusiasts, mainly young students or graduates of universities, offering them a much more attractive payment than a formal job. Public officials, bank employees and other financial institutions are also sought after by SilentCards.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.