NCC Alerts Nigerians Of Dangerous Malware Stealing Details of Bank Apps

The Nigerian Communications Commission’s Computer Security Incident Response Team has warned Nigerians about a newly discovered malicious software stealing users’ banking app login credentials on Android devices.

According to the commission, the malicious software called ‘Xenomorph’, which has been found to target 56 financial institutions from Europe, has a high impact and high vulnerability rate.

It added that the main intent of this malware was to steal credentials, combined with the use of SMS and notification interception to log-in and potential two-factor authentication tokens.

In a statement, NCC said, “Xenomorph is propagated by an application that was slipped into Google Play store and masquerading as a legitimate application called ‘Fast Cleaner’ ostensibly meant to clear junk, increase device speed and optimise battery.

“In reality, this app is only a means by which the Xenomorph Trojan could be propagated easily and efficiently. To avoid early detection or being denied access to the PlayStore, ‘Fast Cleaner’ was disseminated before the malware was placed on the remote server, making it hard for Google to determine that such an app is being used for malicious actions.

“Once up and running on a victim’s device, Xenomorph can harvest device information and Short Messaging Service, intercept notifications and new SMS messages, perform overlay attacks, and prevent users from uninstalling it. The threat also asks for Accessibility Services privileges, which allow it to grant itself further permissions.”

According to the commission’s CSIRT, the malware stole victims’ banking credentials by overlaying fake login pages on top of legitimate ones and since it could intercept messages and notifications, it allowed its operators to bypass SMS-based two-factor authentication and log into the victims’ accounts without alerting them.

The CSIRT security advisory said Xenomorph has been found to target 56 internet banking apps: 28 from Spain, 12 from Italy, 9 from Belgium, and 7 from Portugal; as well as Cryptocurrency wallets and general-purpose applications like emailing services.

Although the Fast Cleaner app has been removed from the Play Store, it garnered 50,000+ downloads, according to the NCC.


Punch

Comments

Post a Comment

Disclaimer: Comments made by readers of this blog are strictly the views and opinions of the writers and not that of Nedu Echianu's Blog.

Credit is given to the original sources of culled stories, but in a situation where your story is wrongfully credited to someone else, please contact neduechianu@gmail.com for an immediate correction.

For eye witness reports, stories and features which you want published on this blog please contact me on +234-8037036168 or neduechianu@gmail.com.

Trending

10 ways people kill their cars

Image
The famous dictum “If you look after your car, your car will look after you” is certainly true in many respects. Sadly, though, few motorists are knowledgeably caring for, or fully understand, the way their vehicles work. Some functional knowledge will keep your relationship with your automobile running smoothly! Many drivers are actually unknowingly damaging their vehicles or, at the very least, making themselves quite vulnerable to some mischievous roadside mechanics. The following are the 10 of the most common mistakes motorists make every day while completely oblivious of the damaging consequences.
Read More

2016 Budget: Senate meets NLC, TUC, other CSOs Wednesday

Image
In fulfillment of its pledge to make all legislative activities of the National Assembly open to all Nigerians, the leadership of the 8th Senate would on Wednesday engage the Nigerian Labour Congress (NLC), Trade Union Congress (TUC) and other Civil Society Organizations (CSOs) in an interactive session to get their observations on and input into the 2016 Appropriation Bill now being considered by the National Assembly.
Read More

Peter Obi Dumps PDP, Pulls Out Of Presidential Race

Image
Peter Obi, former governor of Anambra State and running mate to the Presidential Candidate of the Peoples Democratic Party (PDP) in the 2019 election, has withdrawn from the presidential race. Daily Trust reports that Obi, who had gone round the country to seek the support of delegates for the presidential primary, pulled out of the exercise less than 72 hours to the contest. Reports say Obi has already submitted a letter to the chairman of his Ward in Anambra to notify him of his resignation from the party. He has also written to the National chairman of the PDP, Dr Iyorchia Ayu, over his decision to quit the opposition party. Commenting on the development, Doyin Okupe, Director General, Peter Obi Campaign Organisation, asked Nigerians not to give up on Obi as he would be on the ballot for the 2023 Presidential poll.
Read More

Primaries: Ekweremadu Warns PDP Against A Repeat of Zamfara Scenario

Image
Former Deputy President of the Senate, Senator Ike Ekweremadu, has warned the People's Democratic Party (PDP) against towing the same path that eroded the All Progressives Congress (APC) victory in governorship, National Assembly and other victories in the 2019 general election. It is recalled that Supreme Court’s five-member panel of Justices, had in a unanimous judgment in May 2019, voided all votes cast for the APC and consequently sacked the party's candidates, who were declared winners in the February 23 and March 16, 2019 general election in the state by the Independent National Electoral Commission (INEC), ruling that the party had no candidates in the elections, having failed to conduct primaries in accordance with its own rules and as required by law. But speaking through his governorship campaign organisation at the weekend, Ekweremadu advised the PDP to be careful so as not to make the same mistake. He spoke vide a statement by the Director-General of the
Read More

Senator Rochas Okorocha Finally Surrenders To EFCC Operatives

Image
The Economic and Financial Crimes Commission (EFCC) has arrested Chairman of the Senate Committee on Culture and Tourism as well as a presidential aspirant on the platform of All Progressives Congress (APC), Rochas Okorocha, from his residence, ending the back and forth argument over his invitation on alleged diversion of public funds and properties to the tune of N2.9 billion. Okorocha was said to have finally surrendered and allowed officials of the anti-graft agency to pick him up from his house after they had broken into the residence, shooting to scare anyone that may wish to prevent them.
Read More

20 Things You Must Know before Saying "I do"

Image
I couldn’t believe my ears when he proposed. I haven’t stopped looking at the ring. Is this real? I was so excited even the stranger on the street could tell something great just happened. Like a whirlwind, we started all the preparation for the big day. We didn’t spare a dime in our quest to have the wedding of our dreams. After the wedding, we both were exhausted and had a well-deserved one month honeymoon far away on one of Denmark’s coldest islands. I wish this was all that marriage was. I had got used to waking up about half nine to a cup of coffee and a warm kiss from the love of my life. We’d have a shower together, then have breakfast while we looked over the beach. We constantly looked into each other’s eyes with so much assurance of facing the future together. We’d take a long walk in each other's arms and have a nap just about noon. We did lots of kayaking and scuba diving during the day before settling into a nice buffet dinner. Having no one wait on you for anything
Read More

UNIBEN Officials Disown Claims of Cure for HIV

Image
The University of Benin has disowned claims which has been widely circulated in the Nigerian media that its researchers have found a cure for HIV/AIDS. The refutal comes a day after one of its professors, Isaiah Ibeh, announced a new drug which he said was capable of wiping out the virus from a patient in 30 days.
Read More

Twelve Persons Killed As Terrorists Attack Katsina Community

Image
The Katsina State Police Command has confirmed that terrorists in the early morning of Tuesday, killed twelve people at Gakurdi village, in Jibia Local Government Area of the state. The terrorists were also said to have burnt some farmlands belonging to the residents of the village during the attack. It was learnt that the terrorists arrived in the village on four motorcycles and started shooting indiscriminately. The situation reportedly caused panic in the village, the development which made residents scamper for safety. The Spokesman for the police command, SP Gambo Isah, who confirmed the development, said some villagers who attempted to escape into their farmlands were also killed by the terrorists. He said the Commissioner of Police, Idris Dabban, led a team of security operatives including himself to the village for an on-the-spot assessment of the incident. He added that security operatives were already on top of the situation. Isah said, “The incident is tru
Read More