In an apparent failure of pressure tactics, Medusa ransomware group has published what it claims to be Bank of Africa’s data. The group added Bank of Africa as a victim on February 11. The deadline on the ransomware’s leak site was February 22.
Medusa #ransomware group claims to have published Bank of Africa's data in their leaks site. The group added Bank of Africa as a victim on 11 Feb, 2023.#Morocco#DarkWeb #cyberrisk #DataBreach #DeepWeb pic.twitter.com/PgGaWkdOS2
— FalconFeedsio (@FalconFeedsio) February 27, 2023
The ransomware gang, in order to boost the extortion effort, put a countdown timer to the post then. The implied threat was that group would leak the stolen data or sell it to other threat actors if the victim refuses to pay the ransom.
Medusa ransomware gang adds Bank of Africa to victim list
Bank of Africa Group is a pan-African banking institution that has been providing banking services since its inception in 1982. With its head office in Bamako, Mali, Bank of Africa has expanded its operations to 18 African countries and employs over 7,000 people.
Prior to 2020, the parent company of the group was named Banque Marocaine du Commerce Extérieur (BMCE), which translates to “Moroccan Bank of Foreign Trade” in Arabic.
Despite the name change, the brand identity of BOA still incorporates “BMCE Group” as of 2022. BOA has a global presence with offices located in Europe, Asia, France, Spain, the United Kingdom, China, Italy, Germany, the United Arab Emirates, Belgium, Canada, and the Netherlands.
The analysts commissioned by The Cyber Express are vetting the ransomware gang’s claim. The Cyber Express has reached out to Bank of Africa for updates on the situation.
African banks and ransomware attacks
Close on the heels of the BoA ransom note, BlackCat/ALPHV ransomware group listed Anglola-based Banco Sol S.A. as a victim.
Cyber attacks on African banks have been on the rise in recent years, and this trend appears to be continuing.
Facing numerous challenges, including limited resources and a lack of advanced cyber security news infrastructure, online banks in Africa are often seen as an easy target for hackers, who perceive that they may be more vulnerable than their counterparts in more developed countries.
Bank of Africa, with its multinational operation, is presently the largest possible target.
The Bank of Africa Group operates in 18 African countries, which include Benin, Burkina Faso, Burundi, Cote d’Ivoire, Djibouti, Ghana, Guinea, Kenya, Madagascar, Mali, Niger, Rwanda, Senegal, Tanzania, Togo, Uganda, Zambia, and Congo-Brazzaville.
As of 2021, Bank of Africa had over 10 million customers.
The group has several associated businesses that complement its banking operations, such as Bank of Africa Insurance, Bank of Africa Leasing, Bank of Africa Securities; Bank of Africa Asset Management; and BOA Capital.
The bank has a strong customer base and a focus on innovation and financial inclusion. Its associated businesses complement its banking operations and help to provide customers with a range of financial products and services.
The bank’s growth trajectory in recent years has been impressive, and it is expected to continue to expand its operations in Africa in the coming years.
Bank of Africa and the scale of attacks
The bank has invested heavily in digital technology to make banking services more accessible to customers in Africa. This, inadvertently, has increased both the attack surface and the scope of damage in the event of a cyber-attack.
A quick search on Google Play shows that the bank has been running several apps downloaded and used by millions of customers.
MyBOA – Mobile Banking: more than 100,000 downloads
BMCE Direct: more than one million downloads
MyBOA – BANK OF AFRICA: more than 500,000 downloads
B-Mobile from Bank of Africa, BANK OF AFRICA KENYA: more than 50,000 downloads
MyBOA-MALI: more than 50,000 downloads
B-Mobile – BANK OF AFRICA TANZANIA: more than 5,000 downloads
BMobile Ghana: more than 5,000 downloads
The present situation comes weeks after another scam that targeted the bank.
Beware of fraudulent ads posting links leading to fake websites.
We are not running any campaigns that would ask you to give us your account information or that are rewarding monetary prizes as the fraudulent ads claim.
Use only the official website https://t.co/cJgOmLmFdL. pic.twitter.com/4YffDkbZzN
— Bank of Africa (@BankOfAfrica_Ug) February 1, 2023
The Bank of Africa in Uganda last month issued a warning to the public regarding a hoax promotion that claims the bank is offering cash rewards.
The hoax promotion has been circulating on social media, urging people to deposit money into an account in order to receive a cash reward.
