FG Raises Alarm Over Rising ATM Cyberattacks After Reported $2 Million UBA Senegal Hack

FG Raises Alarm Over Rising ATM Cyberattacks After Reported $2 Million UBA Senegal Hack

  • ngCERT has warned banks to strengthen their cybersecurity following a surge in ATM-related cyberattacks targeting financial institutions
  • The agency cited a recent attack on UBA Senegal, where fraudsters stole over $2 million through 3,421 ATM withdrawals
  • It urged banks to improve access controls, deploy multi-factor authentication, strengthen ATM security, and enhance real-time monitoring

Legit.ng journalist Victor Enengedi has over a decade's experience covering energy, MSMEs, technology, banking and the economy.

Nigeria's Computer Emergency Response Team (ngCERT) has alerted banks and other financial institutions to strengthen their cybersecurity systems following an increase in sophisticated ATM-related cyberattacks across Africa.

In a high-risk security advisory issued on June 25, 2026, the federal cyber incident response agency warned that the attacks pose a serious threat to the financial sector and could result in significant financial losses, operational disruptions and reputational damage if not swiftly addressed.

Nigerian Banks on Red Alert as ngCERT Flags High-Risk ATM Cyber Threat Across Africa
NgCERT warned that successful ATM cash-out attacks could rapidly deplete ATM cash reserves. Udee, Tech World
Source: UGC

Operating under the Office of the National Security Adviser (ONSA), ngCERT said financial institutions must urgently review and reinforce their security infrastructure to prevent similar attacks.

Read also

Wema Bank suspends social media account over impersonation

UBA Senegal attack highlights growing threat

The advisory referenced a recent cyberattack on United Bank for Africa (UBA) in Senegal, where cybercriminals reportedly stole more than $2 million through 3,421 ATM withdrawals.

According to ngCERT, the attackers gained privileged access to the bank's card authorisation systems, allowing them to manipulate transaction controls and coordinate large-scale cash withdrawals from multiple locations.

The agency warned that the same attack method could easily be replicated against banks operating similar ATM and payment card infrastructure across the continent.

Investigations cited in the advisory revealed that attackers typically gain entry into banking networks through phishing emails, compromised third-party vendors, supply-chain vulnerabilities or insider access.

Once inside, they conduct extensive reconnaissance to identify systems responsible for ATM processing, card management and transaction authorisation.

The criminals then alter withdrawal limits, transaction velocity settings, fraud detection thresholds and payment card records, enabling a network of operatives to simultaneously withdraw large sums of cash from ATMs in different geographic locations before the fraud is detected.

Read also

Hackers found new way to penetrate Microsoft accounts without passwords, FBI warns

Potential financial and operational consequences

NgCERT warned that successful ATM cash-out attacks could rapidly deplete ATM cash reserves while exposing core banking systems to compromise.

ngCERT said:

“Once inside, attackers conduct internal reconnaissance to map critical systems involved in ATM transaction processing, card management and authorization services.”

The agency said such breaches may also lead to customer account manipulation, theft of sensitive financial data, prolonged service disruptions, regulatory sanctions and severe reputational damage for affected institutions.

Beyond immediate financial losses, the attacks could create broader cybersecurity risks by allowing hackers to expand their access across internal banking networks.

Banks advised to strengthen cyber defences

To reduce the risk of future attacks, ngCERT urged financial institutions to tighten privileged access controls and enforce multi-factor authentication for all administrative accounts.

It also recommended hardening ATM infrastructure by disabling unnecessary remote access, installing the latest firmware and security patches, and reviewing third-party vendor accounts and remote access pathways.

Read also

FG moves to launch smartphone factories in Nigeria to slash phone prices, create jobs

Nigerian Banks on Red Alert as ngCERT Flags High-Risk ATM Cyber Threat Across Africa
ngCERT urged financial institutions to tighten privileged access controls and enforce multi-factor authentication for all administrative accounts. Photo credit: IT Pulse
Source: UGC

In addition, the agency advised banks to implement stronger network segmentation, improve real-time transaction monitoring, conduct continuous threat-hunting exercises, and carry out regular pen*tration tests and red-team simulations.

NgCERT further called for increased staff awareness on phishing attacks and insider threats, while encouraging financial institutions to routinely test and update incident response plans specifically designed for ATM cash-out attacks as cybercriminals continue to adopt more advanced tactics.

Scammers steal N10 billion from Nigerian bank

Earlier, Legit.ng reported that the Federal High Court in Abuja ordered an additional 30-day freezing of 818 bank accounts.

The bank accounts were suspected of being involved in the alleged proceeds of crime from an N10 billion cyberattack on Hope Payment Service Bank.

The court gave the 30-day freezing order to help the bank recover the funds which were moved into the accounts in a July cyber heist.

Source: Legit.ng

Authors:
Victor Enengedi avatar

Victor Enengedi (Business HOD) Victor Enengedi is a trained journalist with over a decade of experience in both print and online media platforms. He holds a degree in History and Diplomatic Studies from Olabisi Onabanjo University, Ogun State. An AFP-certified journalist, he functions as the Head of the Business Desk at Legit. He has also worked as Head of Editorial Operations at Nairametrics. He can be reached via victor.enengedi@corp.legit.ng and +2348063274521.