Measures to Protect Against Attack
The Nigerian Communications Commission (NCC) has warned Nigerian telecommunications customers about the presence of Flubot, a new high-risk virus.
Flubot “targets androids with phoney security updates and app downloads,” according to the Nigeria Computer Emergency Response Team (ngCERT).
According to the ngCERT, Flubot “impersonates Android mobile banking applications to draw phoney web views on targeted applications,” and its purpose extends beyond stealing personal data, credit card numbers, or online banking passwords.
NCC noted in a statement issued by its Director of Public Affairs, Dr. Ike Adinde, that FluBot is distributed by SMS and can snoop “on incoming alerts, make calls, read or write SMS, and transfer the victim’s contact list to its control centre.”
The virus infects Android smartphones by impersonating “FedEx, DHL, Correos, and Chrome apps” and forces unwary users to change the accessibility settings on their devices in order to sustain continuous presence on devices.
It compromises device security by replicating fake login screens of prominent banks. When users enter their login details on the fake pages, their data is harvested and transmitted to the malware operators’ control point, where it is exploited by intercepting banking-related One Time Passwords (OTPs) and replacing the default SMS app on the targeted device.
As a result, it gains access to the device through SMS and then sends identical messages to other contacts on the device it has hacked, persuading them to download the bogus software.
When Flubot infects a gadget, unimaginable financial damages can occur. Furthermore, the software instals a backdoor that provides the invader or attacker access to the user’s device, allowing the invader or attacker to execute further illegal acts, such as launching other types of malware.
In light of this discovery and understanding of the process by which this malware operates, and in order to protect millions of telecoms consumers and prevent criminal forces from using telecom platforms to perpetrate fraud and irreparable damage, the NCC reiterated ngCERT’s advice as follows: “Do not click on the link if you receive a suspicious text message, and do not install any app or security update the page asks you to install.”
“Utilize up-to-date antivirus software to identify and prevent malware attacks.” Apply crucial system and application fixes. Strong passwords should be used, and Two-Factor Authentication (2FA) should be enabled for logins. Make frequent backups of your data.
“If you were impacted by this campaign, you should restore your device to factory settings as soon as possible.” This will erase all data on your phone, including personal information.
“Do not use backups produced after installing the programme to restore.” For technical support, please contact ngCERT at [email protected]”
While the commission increases its efforts to ensure increased broadband access, allowing telecoms consumers to carry out their legitimate online activities more efficiently and effectively, it also reiterates its commitment to empowering consumers through useful information and education to protect them from becoming victims of all types of cyber-attacks while online.
This is why NCC is launching the telecommunications sector’s Centre for Computer Security Incident Response on September 30, 2021.