General TeleCom

Malware attacks 300,000 android devices – NCC

By Oluwashina Iyanda

                                            ……. NCC-CSIRT tells users to download only apps from official sites, stores

Malware, known as “Schoolyard Bully”, capable of stealing Facebook account credentials, has infected over 300,000 android devices.

This development has prompted the Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) to advise users “to only download applications from official sites and application stores”.

Executive Vice Chairman/CEO of the Nigerian Communications Commission (NCC): Prof. Umar Danbatta

The advice is contained in a statement issued by Reuben Muoka, Director of Public Affairs of the NCC and copied to The NewsZenith on Wednesday.

“The NCC-CSIRT advisory recommends that users double-check each application and uncheck boxes that request extra third-party downloads when installing apps downloaded from the Google Play Store,” Muoka stated.

It also advised phone users to use anti-malware applications to routinely scan their devices for malware.

According to the statement, researchers from mobile security firm, Zimperium, found several apps that transmit the “Schoolyard Bully” malware.

The malware disguised as reading and educational apps with a variety of books and topics for their victims to study.

“The malicious apps were available on Google Play, yet they have already been taken down.

“However, they still spread via third-party Android app shops.

Read Related News:

Pantami decries destructive disinformation on Nigeria

Egypt, Greece to build subsea telecom cable in Mediterranean

Kenya takes mobile money out of telecom operations

“The primary objective of the malware, which affects all versions of Facebook Apps for Android, is to steal Facebook account information.”

They steal information such as the email address and password, account ID, username, device name, device RAM (Random Access Memory) and device API (Application Programming Interface).

“The (Zimperium) research stated that the malware employs JavaScript injection to steal the Facebook login information.

“The malware loads a legitimate web address inside a WebView with malicious JavaScript injected to obtain the user’s contact information.

“It then sends it to the command-and-control server.

“Furthermore, the malware uses native libraries to evade detection and analysis by security software and machine learning technologies,” NCC-CSIRT stated.

A WebView maps website elements that enable user interaction through Android View objects and their extensions.

NCC set up the CSIRT as the telecom sector’s cyber security incidence centre to focus on incidents.

Such incidents may also affect telecom consumers and citizens at large.

CSIRT also collaborates with the Nigerian Computer Emergency Response Team (ngCERT) to reduce the volume of future computer risk incidents.

They do this by preparing, protecting and securing Nigerian cyberspace to forestall attacks and related events.

 

 

 

 

Do you have a flair for Citizenship Journalism? Share story(ies) of happenings in your area with The NewsZenith on WhatsApp: 08033668669 or thenewszenith@gmail.com

Exit mobile version