What's up with Whitehat.ng?

Now if you’re building up an imagination of a man wearing a white shade of hat on his head, then your heart and mind have led you astray.

Contrary to possible initial thoughts, Whitehat ng is a non-profit organization, founded in 2020. The organization is composed of Nigeria’s finest security researchers; wielding exceptional arsenals of professionalism, patriotism and dedication to the Nigerian cybersecurity landscape. The vital role played by this organization begs the question once more, What’s up with Whitehat ng?

Repositioning the cybersecurity posture

“A car that rides on three wheels is called a tricycle.

Only the pilot is certain of its balance” ?

?Across the globe, nations have embraced technology as the way forward in human society. This has necessitated the formulation of laws, acts, and guidelines. Reposition is key, and the Nigeria cybersecurity landscape is still growing and yet has the capability to be reckoned with. Whitehat provides a pathway to actualizing the country’s cybersecurity goals and enabling it stand, balanced on four wheels.

?Engaging in Open Research

?“Two heads are better than one is a true saying.

But more heads are definitely better.”

Whitehat's teams of professionals obtain worldwide informative security facts from useful, recognized and reliable sources, institutes, communities and individuals. The data collected is adapted to the current realities of the cybersecurity posture in Nigeria. This further advances the research areas by providing a rich pool cyber cyber-related data. Whitehat.NG events and reports, enable stakeholders to stay updated on the latest cybersecurity incidents in Nigeria.

?Reporting Sensitive Findings to Affected Organizations.

Whitehat, a non-profit organization has gone a step further to prove its dedication to enhancing the security posture of various organizations within the country.? This has helped organizations become aware of loopholes existing within their critical infrastructures. The 2023 annual report made by Whitehat shows;

§? A responsible disclosure of 38 security vulnerabilities across sectors including banking, government, education, construction, information technology, emerging media, transportation, and telecommunication.

§? Major cyber incidents that occurred in Nigeria in 2023. The incident that emerged as the most prevalent threat was Ransomware. Additional incidences included defacement, breach, stolen funds, and Ponzi scheme crashes.

§? The educational contributions provided by non-profit bodies to empower individuals with valuable cybersecurity knowledge and skills.

Prominent Cyber Incidence Recorded in 2023

January

1.???? Phishing (Data Collection): A clone portal, created by a malicious actor was in circulation during the 2023 General Election in Nigeria, tricking unsuspecting users into:

Sharing personal information

Distributing malicious links to social media platforms such as WhatsApp Group.

The malicious actor concealed the link by using a URL shortener known as Lyrus, to target users. Expert investigation reveals that the same domain has been in operating since 2022, hosting a similar fake platform and targeting users across Ghana, Kenya and Nigeria with counterfeit grants from presidential aspirants, visa sponsorship, jobs, and youth empowerment.?

2.???? Ransomware: Files belonging to a federal agency were encrypted. The ransom note read as follows;

“The files have been encrypted by OXXX Virus and victims can buy decryption for $ 300 USD in bitcoin by sending the unique ID to [email protected]”

March

1.???? Breach and Stolen fund: In early February, hackers transferred over N2.9 billion from Flutterwave, a fintech company that provides a payment infrastructure for global merchants and payment service providers across the continent.

2.???? Defacement: Babcock University’s Information Management System account was hacked and the website was defaced with pornographic content.

April

1.???? Ransomware: A cybercriminal gang (ALPHV), allegedly attacked a leading Nigeria insurance company known as Leadway Assurance Company Limited.

May

1.???? Insider Threat & Stolen Funds: Afriq Arbitrage System (AAS), a global crypto space led by Jesam Micheal was betrayed by its own staff, Abayomi Segun Oluwasesan. Millions of dollars from over 100,000 investors from 75 countries were stolen.

2.???? Controversial Disclosure: A LinkedIn post by David Seenaike, disclosed the plethora of vulnerabilities on which Nigeria’s Financial Institutions operate on. Generating mixed reactions from cybersecurity leadership across the financial space.

3.???? Breach and Stolen Fund: Patricia’s reveals a breach on its trading app.? Costing the company $2 million.

4.???? Defacement: The Ogun State Government website was defaced with a message hinting the technical team to update their security.

?July

1.???? Ransomware: A cybercriminal gang (ALPHV), allegedly carried out another attack on a Globacom Nigerian and demanded $2.5 million.

August

1.???? Info and Credential Stealer Malware Campaign: Several MSSPs and private SOCs, repeated cases of information and credential stealer malware in their various institution.

2.???? Distributed Denial of Service (DDoS): Anonymous Sudan, to fulfil their threat to attack Nigeria’s vital Information System, launched a DDoS attack on MTN Nigeria, denying service to customers and users of various services.

3.???? Ponzi Scheme Crashed Off: MTFE Ponzi scheme, an audacious crypto fraud that duped unsuspecting investors out of a sum of $1 billion.

October

1.???? Ransomware: The Mallox Ransomware Group, attacked a notable construction company in Nigeria. This attack resulted in the encryption of critical servers; the criminal group demanded a ransom for its decryption.

November

1.???? Ransomware: A federal agency was involved a ransomware incident because their agency’s server was running Window Vista an older version of the windows operation system.

2.???? Ponzi scheme Crashes Off: A purported e-commerce earning app called SRA, which gained popularity in North Central Nigeria crashed. The app turned up as a scam, resulting in the unsuspecting user losing all of their investments.

December

1.???? Ransomware: The Meow Ransomware Group, announced that they had successfully breached Wema Bank. The post on the leak site included the bank’s machine accounts from its domain controllers, with a threat to release additional data if the bank doesn’t negotiate.

October

2.???? Ransomware: An incident of Mallox was experienced by a federal commission responsible for regulating an industry where one of the top players had previously experienced an incident caused by APLHV group earlier that same year. The ransomware group is demanding payment, and all data on the affected server is currently encrypted.

Whitehat.NG Projects

The organization's projects contribute to the safety of cyberspace in Nigeria by encouraging responsible disclosure and vulnerability management. These projects;

·?????? Focus on Report and Fix;

·?????? Emphasize on Track and Analysis;

·?????? Ensure collaboration and Innovation;

·?????? Contribute to Learn and Grow.

To our readers, we believe you now have insight into what Whitehat ng is all about. The year 2024 is just starting and we hope to engage you more frequently. You can find more on Whitehat through our LinkedIn page Whitehat.GN and other social media platforms.

“Power is for those who find it. Good or Bad.”

By: Josh Troubador

?