NCC Uncovers Malware Stealing Facebook Login Details, Issues Advisory Warning to Android Users
- An advisory warning has been issued to android mobile device users in Nigeria by the Nigerian Communications Commission (NCC)
- The commission's Computer Security Incident Response Team (CSIRT) uncovered a malware called "Schoolyard Bully" stealing Facebook login information
- It was gathered that 300,000 android devices have been compromised due to this viral malware
PAY ATTENTION: Сheck out news that is picked exactly for YOU ➡️ find the “Recommended for you” block on the home page and enjoy!
FCT, Abuja - The Nigerian Communications Commission's Computer Security Incident Response Team (NCC-CSIRT) says over 300,000 android devices have been compromised due to the viral malware "Schoolyard Bully" that steals Facebook account credentials.
According to a statement made available to Legit.ng on Wednesday, December 14, NCC-CSIRT says to ensure the effective use and gratification of android devices, users must download applications at the appropriate app stores and websites.
Source: Getty Images
As part of the advisory notification, android users are further urged to adopt the use of verified and trusted anti-malware applications to help checkmate all the various applications on their mobile android device.
Legit.ng gathered that Zimperium, a mobile security company embarked on research that discovered several applications that transmit the "Schoolyard Bully" malware while disguising themselves as reading and educational apps with a variety of books and topics for their victims to study.
PAY ATTENTION: Сheck out news that is picked exactly for YOU ➡️ find the “Recommended for you” block on the home page and enjoy!
The research also discovered that some of these applications were available in Google Play Store and were taken down but still spread via third-party Android app shops.
Damages of malware to android devices
As contained in the statement, malware causes damage to all version of Facebook, and steal all the valuable information required to gain full access to the Facebook account.
The NCC-CSIRT revealed that the Zimperium also uncovered that malware uses JavaScript injection to steal Facebook login information.
It is said that the malware appears like the usual legit URL inside a WebView with malicious JavaScript injected to obtain the user's contact information (phone number, email address, and password), then send it to the command-and-control server.
Furthermore, malware uses native libraries to evade detection and analysis by security software and machine learning technologies.”
The CSIRT is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.
The CSIRT also works collaboratively with Nigerian Computer Emergency Response Team (ngCERT), established by the Federal Government to reduce the volume of future computer risk incidents by preparing, protecting, and securing Nigerian cyberspace to forestall attacks, and problems or related events.
NCC warns Nigerians to remove 5 google chrome extensions on their phone, laptop immediately
Similarly, the NCC has urged Nigerians who use five Google Chrome extension apps to uninstall them immediately.
The Communications warns that the apps have been designed to steal users' information.
Interestingly, the apps listed have been downloaded over 1 million times by users around the world.
Source: Legit.ng
