A threat actor, with alias, icikevin, posted on a dark web forum, claiming to have gained unauthorized access to the database of the Central Bank of Nigeria (CBN) and the Chartered Institute of Bankers of Nigeria (CIBN). While the actor has not yet extracted the data, they seem to be advertising it for sale, offering it to interested buyers for a steep price of $2500.
According to the post, the threat actor was able to exploit a vulnerability in the websites of these institutions, namely the Central Bank of Nigeria’s portal (https://www.cbn.gov.ng/) and the CIBN portal (https://portal.cibng.org/), gaining access to their underlying databases. They describe using SQLmap, a popular open-source penetration testing tool, to enumerate the databases and access sensitive data.
The listed databases include:
- cbn
- cibndb
- cibnset
- msdb
Each of these databases likely contains critical information related to the functioning of these financial institutions.