December 2, 2024
  • December 2, 2024
Breaking News
  • Home
  • Top Stories
  • NCC-CSIRT alerts Nigerians to fresh activities of threat actors
February 8, 2023

NCC-CSIRT alerts Nigerians to fresh activities of threat actors

By Upfrontdigital News 0 375 Views

NCC Building, Abuja

 

By Favour Unukaso

THE Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT), in line with its mandate, has rolled out some advisories as cyber threat actors continue to devise means of compromising their targets, especially in the last five weeks.

The latest of such advisories urged users to be mindful after attackers use Microsoft OneNote attachments in phishing emails that infect victims with remote access malware, which may allow hackers to remotely access vital information on victims’ devices.

The Team advised users not to open files from people they do not know, not to click ‘OK’ and immediately exit the application if they receive a warning that opening an attachment or link can damage their computer or files and to promptly share an unknown email they believe to be genuine with a security or Windows administrator to assist in determining whether the file is secure.

According to a statement, signed by NCC Director of Public Affairs, Reuben Muoka and made available to journalists, Wednesday, the NCC-CSIRT had recently advised people not to open attachments in suspicious emails and to only purchase or download applications from official websites in response to the discovery of phishing malware that can gain unauthorized access to sensitive user data and download further malware.

Muoka

The team reported that cybersecurity analysts at ASEC (South Korea’s cybersecurity emergency response centre), discovered a NetSupport RAT malware being distributed by threat actors from a phishing website disguised as a popular Pokemon card game.

According to them, the malware is a remote access tool that easily controls its victims’ Personal Computers and may allow the attackers to remotely control the compromised computer’s mouse and keyboard, access the system’s file management and history and even execute commands allowing them to install additional malware.

To the researcher, the CRAFTED website that spread the malware is still online and home to a new NFT card game built around the Pokemon franchise, offering users strategic fun together with NFT investment profits.

In a related advisory, following the discovery of several phishing apps on the Google Play Store, NCC-CSIRT also advised users not to give out sensitive information through untrusted platforms.

NCC-CSIRT’s advisory on the discovery, said the apps, which have been downloaded 450, 000 times in total, can be games or investment services, but that they are designed to steal sensitive user information.

The statement informed that while some of the malicious apps have been removed, others are still active on the store, with the affected apps listed as Golden Hunt, Reflector, Seven Golden Wolf Blackjack, Unlimited Score, Big Decisions, Jewel Sea, Lux Fruits Game, Lucky Clover, King Blitz, and Lucky Hammer.

According to the advisory, after installing and opening the app, it will contact a remote server, which will reply with instructions on what to do. These instructions typically include phishing pages that will be displayed to unsuspecting users to collect their sensitive information.

Meanwhile, NCC-CSIRT also advised users to update their Galaxy App Store following the discovery of multiple vulnerabilities in the Samsung Galaxy App Store Application can lead to unwanted app installations and code execution. It disclosed that Ken Gannon, a cybersecurity researcher from NCC Group, discovered the vulnerabilities in the Galaxy App Store application on Samsung devices that are running Android 12 and older.

The CSIRT is the telecoms sector’s cyber security incidence center set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.

The CSIRT also works collaboratively with ngCERT, established by the Federal Government to reduce the volume of future computer risk incidents by preparing, protecting, and securing Nigerian cyberspace to forestall attacks, and problems or related events.

Leave a comment

Your email address will not be published. Required fields are marked *