NCC warns Nigerians of new malware attacks on more than 300,000 Android devices

the Nigerian Communications Commission (NCC) has warned Nigerians to beware of a new malware called “Schoolyard Bully”.

According to the Commission’s Computer Security Incident Response Team (NCC-CSIRT), malware that steals Facebook account credentials has infected more than 300,000 Android devices worldwide.

In its latest notice, the NCC-CSIRT reminded mobile users in Nigeria to only download apps from official sites and app stores.

Other recommendations: The NCC-CSIRT advisory in this regard further recommended that users double-check each app and uncheck the boxes that prompt additional third-party downloads when installing apps downloaded from the Google Play Store and use anti-malware apps to routinely scan their devices for malware. malware. .

It added that researchers from mobile security firm, Zimperium, found several apps that spread the “Schoolyard Bully” malware while disguising themselves as reading and educational apps with a variety of books and topics for their victims to study.

The news continues after this announcement.

The malicious apps were available on Google Play, but have since been removed. However, they are still spread via third-party Android app stores.

The main goal of the malware, which affects all versions of Facebook apps for Android, is to steal Facebook account information, including email address and password, account ID, username, the device name, the device RAM (random access memory), and the device API. (Application Programming Interface).

The news continues after this announcement.

How malware attacks: Explaining how the malware attacks its victims, NCC-CSIRT said:

  • “(Zimperium’s) research indicated that the malware employs JavaScript injection to steal Facebook login information. The malware loads a legitimate URL (web address) inside a WebView (a WebView maps website elements that allow user interaction via Android View objects and their extensions) with malicious JavaScript injected to obtain contact information. of the user (phone number, email address and password). ), then send it to the command and control server.
  • “In addition, the malware uses native libraries to evade detection and analysis by security software and machine learning technologies.”

In case you missed it: Remember that the NCC’s Computer Security Incident Response Team (NCC-CSIRT) previously warned Nigerians about other potential cyberattacks. More recently, warned about the potential harm of participating in the unseen challenge on Tik Tok.

Previously, Nigerians were warned about the discovery of malware that compromises victims’ VPN (virtual private network) accounts to attach the Telegram messaging app.

Leave a Comment