NCC warns users to download apps only from official websites as ‘Schoolyard Bully’ malware attacks 300,000 devices

NCC warns users to download apps only from official websites as ‘Schoolyard Bully’ malware attacks 300,000 devices

A Facebook account credential-stealing malware known as “Schoolyard Bully” has infected over 300,000 Android devices, prompting the Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) to issue an advisory to only download applications from official websites and application stores.

The NCC-CSIRT advisory in this regard further recommended that users double-check each application and remove the checkboxes that ask for additional third-party downloads when installing apps downloaded from the Google Play store, and to use anti-malware applications to routinely scan their devices for malicious software. .

Researchers from mobile security firm Zimperium found several apps that transmit “Schoolyard Bully” malware while masquerading as reading and educational apps with a variety of books and subjects for their victims to study.

The malicious apps were available on Google Play, have already been removed. However, they still proliferate via third-party Android app stores.

The main goal of the malware, which affects all versions of Facebook Apps for Android, is to steal Facebook account information, including email address and password, account ID, username, device name, device RAM (Random Access Memory), and device API ( Application Programming Interface).

According to the NCC-CSIRT, “(Zimperium) research stated that the malware uses JavaScript injection to steal the Facebook login credentials.

“The malware loads a legitimate URL (web address) into a WebView (a WebView maps website elements that enable user interaction through Android View objects and their extensions) with malicious JavaScript injected to obtain the user’s contact information (phone number, email address, and password) , and send it to the command-and-control server.

Furthermore, malware uses native libraries to avoid detection and analysis by security software and machine learning technologies.”

See also  When will the next Free Fire update be available for download? Expected date and more

CSIRT is the telecoms sector’s cyber security insight center set up by the NCC to focus on incidents in the telecoms sector and as they may affect telecoms consumers and citizens at large.

CSIRT also collaborates with the Nigerian Computer Emergency Response Team (ngCERT), established by the Federal Government to reduce the volume of future computer risk incidents by preparing, protecting and securing Nigerian cyberspace to prevent attacks and problems or related incidents.

Leave a Reply

Your email address will not be published. Required fields are marked *