Nigerian hackers are sending phishing emails to commercial organizations and industrial enterprises.

Kaspersky Labs have found over 500 companies that are under attack in at least 50 countries. Those under attack are mostly industrial enterprises and large transportation and logistics corporations.

These are well crafted emails that look legitimate and are crafted to make the victim open the malicious attachment. The emails ask the recipients to check information as soon as possible, clarify product pricing or receive goods specified in the delivery note attached.

The malicious attachments contain RTF files with an exploit for the CVE-2015-1641 vulnerability. They may also contain archives of different formats containing malicious executable files or macros and OLE objects designed to download malicious executable files.

Kaspersky discovered that the malicious files are intended to steal confidential data and install stealthy remote administration tools on infected systems.

Using Whois services, Kaspersky found that the domains used to host the malware were registered to residents of Nigeria.

Once in, the hackers compromise a legitimate email and change the banking account details.

The FBI estimates that these phishing attacks have cost companies over $3 billion. The number of affected companies exceeds 22,143.

Source: Securelist