Connect with us


NITDA warns Nigerians over new malware attack targeting Facebook users




The National Information Technology (NITDA)’s Computer Emergency Readiness and Response Team (CERRT) has alerted Nigerians to a new malware attack identified as ‘Ov3r Steale’ targeting Facebook users.

The Agency in an advisory released on Monday said the new threat deceives Facebook users to click on malicious links under the guise of job advertisement. It then gains access to the users’ sensitive information and extracts their data for attacks.

NITDA added that when users click on the advertisement, they are redirected to a malicious Discord URL which executes the malware through a PowerShell script masquerading as a Windows Control Panel (CPL) file to download the malware payload from a GitHub repository.

To guard against attacks, NITDA advised Nigerians to always ensure that their apps are always

updated. It added that Facebook users should also be wary of clicking on advertisement links, especially on social media platforms.

The Agency also urged Nigerians to ensure that their systems’ antivirus are updated regularly and ensure they stay updated on new and evolving threats.

With social media becoming part of the daily lives of individuals and businesses, cybercriminals are now focusing more on using different social media platforms to attack and defraud users.

The most common way that malware infection occurs is by opening an attachment or clicking a link in a malicious email, which many people are familiar with – but what is not always considered is how easy it could be to click on an unsafe link in a social media platform, potentially granting access to devices and accounts on your network.

In 2022, Avast researchers discovered that a password stealer called Redline Stealer was being spread through hacked Facebook business pages in Brazil, Slovakia, and the Philippines.

The ISP Viu Internet from Brazil, which had 15,000 Facebook followers, had posts offering free downloads of tools, apps, wallpaper, and games that appeared on their page. By clicking to download, the user would instead get infected with Redline Stealer.