attributed to OPERA1ER
in estimated demages
where OPERA1ER struck
The report “OPERA1ER. Playing God without permission” takes a deep dive into the recent operations of the prolific cybercrime syndicate that is confirmed to have stolen at least $11 million since 2019 in 30 targeted attacks with basic toolset. Although African banks were the most frequent victims, highly targeted campaigns have also been observed against many other industry verticals in different geographic regions.
Successful investigation into the attacks of OPERA1ER became possible thanks to a long-standing partnership between Group-IB Threat Intelligence Team and the Orange CERT Coordination Center (Orange-CERT-CC), in-house operational organization responsible for managing IT security incidents of the Orange Group, a multinational telecommunications operator.
In this report
The timeline and geography
Where and how they struck; and the length of time it took from gaining initial access to an organization to committing fraud.
The kill chain used to commit cyber crime
Follow the steps taken to discover how the attacks were committed. See how cooperation between cyber security organizations was able to uncover the activity.
Tactics, techniques and procedures
Learn how they gained access to networks and what was unique about their attacks; and how to protect your business from similar attacks.
OPERA1ER can prepare the attack for up to one year, studying the internal network of the organization, as well as learning how the digital banking systems were designed and planning the withdrawal of money. This time is also quite enough to identify the anomaly in the network and take measures to localize the incident.
Advanced protection against cyber threats
Group-IB’s security ecosystem provides comprehensive protection for your IT infrastructure based on our unique cyber intelligence and deep analysis of attacks and incident response.