The Nigerian Communications Commission (NCC) has alerted citizens of the existence of an extremely damaging malware, Flubot, which is now in circulation across the country.
NCC’s director of public affairs, Ikechukwu Adinde, on Friday, October 22, said the commission just got information from the Nigeria Computer Emergency Response Team (ngCERT) about the harmful nation of the virus, Daily Trust reports.
Adinde, quoting ngCERT, in a statement said that Flubot “targets Androids with fake security updates and App installations.”
He disclosed further that the malware is majorly spread through Short Message Service (SMS) to phones.
The NCC went on to list the damages Flubot can cause when it takes over an Android device:
Do you have a groundbreaking story you would like us to publish? Please reach us through email@example.com!
NIN: Why your phone is still barred from making calls after you submitted your details for reactivation
- Impersonates Android mobile banking applications
- Draw fake web view on targeted applications
- Steals credit card details or online banking credentials
- Pretends to be “FedEx, DHL, Correos, and Chrome applications
- Compels unsuspecting users to alter phones' accessibility configurations
- Copies fake login screens of prominent banks
- Intercepting banking-related One Time Passwords (OTPs)
- Replaces default SMS app on targeted devices
- Secures admittance into devices through SMS
Steps for prevention
The commission lists advisory of ngCERT on how to avoid being a victim as follows:
- Do not click on the link if you receive a suspicious text message, and do not install any app or security update the page asks you to install.
- Use updated antivirus software that detects and prevents malware infections.
- Apply critical patches to the system and application.
- Use strong passwords and enable Two-Factor Authentication (2FA) over logins.
- Back up your data regularly.
- If you have been affected by this campaign, you should reset your device to factory mode as soon as possible. This will delete any data on your phone, including personal data.
- Do not restore from backups created after installing the app. You may contact ngCERT on *firstname.lastname@example.org* for technical assistance.
- You will also need to change the passwords to all of your online accounts, with urgency, around your online bank accounts.
- If you have concerns that your accounts may have been accessed by unauthorised people, contact your bank immediately.
No more extension, NCC issues final warning to Nigerians yet to link their SIM with NIN
Meanwhile, the NCC had issued a stern warning to Nigerians yet to have their Subscriber Identity Modules(SIM) cards linked with their National Identity Numbers (NIN) to do so before the Sunday, 31st, October deadline.
According to the commission, those yet to comply will no longer be able to use their lines upon the expiration of the deadline.
NCC issued this warning in a statement after the conclusion of the second edition of the Telecoms Consumer Town Hall radio program, held on Wednesday.