WhiteHat NG is Nigeria's leading CERT-style Information Sharing and Analysis Center (ISAC). Founded in 2019, it serves as a people's Computer Emergency Response Team, providing cybersecurity advisories, vulnerability disclosure services, and threat intelligence to protect Nigerian cyberspace. WhiteHat NG publishes security advisories about vulnerabilities and threats affecting Nigerian organizations and citizens.

How do I report a security vulnerability to WhiteHat NG?

You can report security vulnerabilities through WhiteHat NG's Vulnerability Disclosure Program (VDP) at whitehat.ng/vdp/report. The platform accepts reports about vulnerabilities in Nigerian digital infrastructure, government systems, and private sector applications. All reports are handled confidentially by trained security professionals who coordinate responsible disclosure with affected organizations.

What types of security advisories does WhiteHat NG publish?

WhiteHat NG publishes four severity levels of security advisories: Critical (immediate action required), High (significant risk), Medium (moderate risk), and Low (minimal risk). Advisories cover topics including software vulnerabilities, malware campaigns, phishing attacks, data breaches, and emerging cyber threats affecting Nigeria. All advisories are available via web and RSS feed at whitehat.ng/advisories.

Is WhiteHat NG affiliated with the Nigerian government?

WhiteHat NG operates as an independent, community-driven cybersecurity organization. While it collaborates with government agencies and private sector partners on security matters, it maintains independence to serve as a trusted neutral party for vulnerability disclosure and security coordination. This independence allows WhiteHat NG to advocate for both security researchers and affected organizations.

How can organizations partner with WhiteHat NG?

Organizations can partner with WhiteHat NG through several programs: becoming an information sharing partner for threat intelligence, participating in the Vulnerability Disclosure Program as a receiving organization, sponsoring cybersecurity awareness initiatives, or contributing to advisory development. Contact partnerships@whitehat.ng or visit the About page for more information on collaboration opportunities.

Alert: ZamaniMart - New Phishing Campaign Targeting Victims in Nigeria

Threat Overview

This threat group employs a deceptive shopping module to lure victims via WhatsApp, aiming to collect sensitive financial information, including credit card details and login credentials. They then transfer funds from the victims' accounts.

Campaign Evidence

The following screenshots demonstrate the phishing infrastructure and tactics used by this campaign:

ZamaniMart Phishing Site

The main phishing storefront mimics legitimate e-commerce platforms.

ZamaniMart Payment Page

Fake payment pages are designed to harvest card details.

ZamaniMart WhatsApp Promotion

WhatsApp is used as the primary distribution channel for fake deals.

ZamaniMart Order Confirmation

Fake order confirmations are sent to build victim trust.

Campaign Details

Attack Vector

WhatsApp messages promoting fake online shopping deals
Links to convincing but fraudulent e-commerce websites
Social engineering to build trust

Technical Analysis

The "ZamaniMart" campaign uses:

Fake Storefronts: Professional-looking but fraudulent websites
Payment Capture: Fake payment pages that harvest card details
Account Takeover: Stolen credentials used to access bank accounts
Funds Transfer: Rapid movement of stolen funds

Indicators of Compromise

Domains (partial list)

zamanimart[.]com
zamani-deals[.]ng
Various typosquatting domains

Behavioral Indicators

Unsolicited WhatsApp messages about deals
Pressure to act quickly
Requests for card details on non-secure pages

Victim Impact

Direct financial loss through fraudulent transactions
Identity theft from harvested personal information
Compromised bank accounts
Emotional distress

Protective Measures

Verify Websites: Check for HTTPS and legitimate domain names
Be Suspicious: Question unsolicited offers, especially via WhatsApp
Use Secure Payment: Only pay through verified payment gateways
Enable Alerts: Set up transaction notifications on your accounts
Report: Alert your bank and authorities immediately if victimized

Response Actions

If you've interacted with this campaign:

Do not provide any more information
Contact your bank immediately
Change passwords for any compromised accounts
Report to WhiteHat NG and law enforcement

WhiteHat NG Phishing Alert