Nigeria’s Computer Emergency Response Team (ngCERT) has warned banks and other financial institutions across the country to strengthen their cybersecurity systems following a major ATM-related fraud incident in Senegal that led to losses exceeding $2 million.
Gatekeepers News reports that the agency described the threat as high risk and cautioned that similar attacks could target financial institutions operating in Nigeria.
According to the advisory, cybercriminals recently breached the card authorisation infrastructure of the Senegalese arm of the United Bank for Africa, enabling them to carry out 3,421 ATM withdrawals and steal more than $2 million.
Investigators said the attackers gained privileged access to critical banking systems, manipulated transaction controls and coordinated cash withdrawals across multiple locations.
ngCERT said such attacks often begin with phishing campaigns, supply-chain vulnerabilities or insider compromise. Once inside a bank’s network, attackers conduct reconnaissance on ATM transaction processing systems, card management platforms and authorisation services before altering withdrawal limits, fraud monitoring thresholds and card parameters to facilitate large-scale cash-outs.
The agency warned that successful attacks could result in significant financial losses, disruption of banking services, data breaches, reputational damage and regulatory sanctions.
To reduce the risk, it urged banks to strengthen privileged access controls, enforce multi-factor authentication, harden ATM infrastructure, improve transaction monitoring and conduct regular cybersecurity assessments and staff training.
The warning comes amid growing concerns over increasingly sophisticated cyber threats targeting financial institutions across Africa.
