Tag Archive for: nigeria

experts call for increased investment in internet security – The Sun Nigeria

/in


….As CBN, EFCC, CDS, others brainstorm

In order to combat the current incidence of internet fraud in Nigeria, information technology (IT) professionals on the platform of the Nigeria Computer Society (NCS) have said that the country has to invest significantly in cyber security, develop local skills, and take IT more seriously.

NCS President, Prof Adesina Sodiya stated this at the opening of the Annual Cyber Security Forum and Workshop organised by the organisation, Wednesday in Abuja.

Sodiya said the workshop, which was attended by representatives of the Central Bank of Nigeria (CBN), the the Economic and Financial Crimes Commission (EFCC), Chief of Defence Staff, among other top government institutions and functionaries, was to provide a platform for experts to come together and discuss how the nation’s cyber security challenges could be solved.

According to him, “A lot is going on in the financial and other sectors. You just heard from the EFCC guy where he confirmed that they are facing a lot of challenges in the area of cyber security. The issue is that so many of our young men, mostly due to unemployment are taking into cyber crimes. If you know what our youths can do, you would be amazed.”

Speaking further, he recommended that, “The first thing we need to do to address the issue of cyber insecurity is to invest more in cyber security protection. Critical information infrastructure protection. Some people in government, still do not know the level of threat that we have and even when some IT professionals are mentioning these threats, they feel that they want to use the opportunity to get money and so on and so forth but, the truth remains that we need to invest more on cyber security.

“We also need to truly make cyber security a business. Some of these guys that are experts, we should find a way of harnessing their skills for something that is go for the nation.

“Then again, government should take the issue of IT very seriously. The issue of IT is not something they should play with. Look at what happened to INEC, we told them that they needed to prepare well for cyber security. We sent proposals to them. Eventually, one of the…

Source…

NCC raises the alarm as malware attacks over 300,000 devices — Nigeria — The Guardian Nigeria News – Nigeria and World News

/in


Urges users to download apps only from official sites, stores

A MALWARE that steals Facebook account credentials, known as ‘Schoolyard Bully’, has infected over 300,000 android devices.

This has prompted the Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) to issue an advisory, reminding users to only download applications from official sites and application stores.

The advisory recommended that users double-check each application; uncheck boxes that request extra third-party downloads when installing apps downloaded from Google Play Store; and use anti-malware applications to routinely scan their devices.

NCC, yesterday, said researchers from mobile security firm, Zimperium, found several apps that transmit the Schoolyard Bully malware, while disguising themselves as reading and educational apps with a variety of books and topics for their victims to study.

According to the commission, the primary objective of the malware, which affects all versions of Facebook apps for android, is to steal account information, including email address and password, account ID, username, device name, device RAM (Random Access Memory), and device API (Application Programming Interface).

According to NCC-CSIRT, “the (Zimperium) research stated that the malware employs JavaScript injection to steal Facebook login information. The malware loads a legitimate URL (web address) inside a WebView (a WebView map website element that enables user interaction through Android View objects and their extensions) with malicious JavaScript injected to obtain the user’s contact information (phone number, email address, and password), and then sends them to the command-and-control server.

“The malware uses native libraries to evade detection and analysis by security software and machine learning technologies.”

The CSIRT is the telecom sector’s cyber security incidence centre, set up by NCC to focus on incidents in the sector as they may affect consumers.

Source…

NCC urges adoption of two-factor authentication to protect telegram accounts against attack – The Sun Nigeria

/in


From Adanna Nnamani, Abuja

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has advised users to adopt two-factor authentication to protect their Telegram accounts and to avoid downloading unauthorized Advanced IP Scanner Software.

This, the  NCC says is in response to the discovery of a new attack that compromises victims’ VPN (Virtual Private Network) accounts to compromise messaging app, Telegram.

According to a statement from the Commission, Ukrainian cyber experts discovered the attack, which uses Vidar Malware (Vidar Stealer) to steal Telegram session data, which in the absence of configured two-factor authentication and a passcode, allows unauthorized access to the victim’s telegram account and corporate account or network.

“The malware, which exploits unauthorized access to users’ Telegram accounts and corporate accounts to steal data, targets platforms across iOS, Android, Linux, Mac and Windows Operating Systems.

“The Ukrainian CERT alleged that a Somnia Ransomware was created to be used on Telegram that tricks users to download an installer that mimics ‘Advanced IP Scanner’ software, which contains Vidar Malware. The installer infects the system with the Vidar stealer, which steals the victim’s Telegram session data to take control of their account.

“The threat actors abuse the victim’s Telegram account in some unspecified manner to steal VPN connection data (authentication and certificates). If the VPN account is not protected by two-factor authentication passcode, the hackers use it to gain unauthorized access to the victim’s employer’s corporate network”, the alert and advisory states.

“Once inside, the intruders conduct reconnaissance work using tools like Netscan, Rclone, Anydesk, and Ngrok, to perform various surveillance and remote access activities, and then deploy a Cobalt Strike beacon, exfiltrating data using the Rclone program,” the report stated.

“The CSIRT is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large. The CSIRT also works collaboratively with…

Source…

NCC-CSIRT warns against Google Chrome extensions malware – The Sun Nigeria

/in


(NAN)

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has warned against five malicious Google Chrome Extensions that surreptitiously track online browsers’ activities and steal their data.

NCC’s Director of Public Affairs (DPA), Mr Reuben Muoka, made this known in a statement on Saturday in Abuja.

Muoka said that the five malicious extensions were discovered by the McAfee Mobile Research Team.

He said that they include Netflix Party with 800,000 downloads, Netflix Party 2 with 300,000 downloads, as well as Full Page Screenshot Capture Screenshotting with 200,000 downloads.

Others are FlipShope Price Tracker Extension with 80,000 downloads and AutoBuy Flash Sales with 20,000 downloads.

“The five google chrome extensions identified have a high probability, damage potential and have been downloaded more than 1.4 million times, while they serve as access to steal users’ data.

“The telecom sector-focused cybersecurity protection team alerted telecom consumers to be cautious when installing any browser extension.

“The users of these chrome extensions are unaware of their invasive functionality and privacy risk

“Malicious extensions monitor victims’ visits to e-commerce websites and modify the visitor’s cookie to appear as if they came through a referrer link.

“Consequently, the extensions’ developers get an affiliate fee for any purchases at electronic shops,” he said.

Read also: Flood kills 3, damages 1,453 houses in 2 Bauchi LGAs

The DPA stated that, although the google team removed several browser extensions from its Chrome Web Store, keeping malicious extensions out may be difficult.

He, however, said that the NCC-CSIRT, thus, recommended that telecom consumers observe caution when installing any browser extension.

Mouka said: “This include removing all listed extensions from their chrome browser manually.

“Internet users are to pay close attention to the promptings from their browser extensions, such as the permission to run on any website visited and the data requested before installing it.

“Although some extensions are seemingly legit due to the high number of user downloads, these hazardous add-ons make it…

Source…