ngCERT is issuing an urgent security alert regarding the infiltration of ViperSoftX malware within Nigerian cyberspace. ViperSoftX is a JavaScript-based Remote Access Trojan (RAT) capable of stealing sensitive information like banking and cryptocurrency details while evading detection and analysis on an infected system. Cybercriminals distribute this malware through infected email attachments, malicious online advertisements, social engineering, and cracked software. When successfully deployed on a system, the Trojan could be used for several malicious activities, leading to system compromise, data exfiltration, financial losses, identity theft, and ransomware attacks. ngCERT advises individuals and organizations to take immediate steps to protect their systems and data from ViperSoftX malware.
ngCERT has observed the resurgence of Tinybanker malware, also known as “Tinba” or “Zusy”, a sophisticated malware strain designed to steal sensitive banking information. This Trojan has been used to attack a large number of popular banking websites around the world. Threat actors infiltrate systems primarily through phishing attacks, malicious downloads, and compromised websites. Once inside, it can capture sensitive data, including login credentials and keystrokes, and allow attackers to gain unauthorized access to users' online banking accounts without their knowledge, using techniques such as Man-in-the-Browser (MITB) attacks, JavaScript injection, keylogging, and packet sniffing. Tinybanker is the smallest known trojan at 20KB, which makes it much harder to detect. With its source code published online, new iterations of the malware continue to emerge, which is why it is considered a very destructive malware strain. Individuals and organizations are advise
ngCERT has observed widespread Nymaim malware infections across Nigerian cyberspace. The malware, originally designed as a ransomware loader, has become a multi-functional threat capable of delivering a variety of malicious payloads, such as banking Trojans, ransomware, and remote access tools (RATs). Known for its stealthy and modular design, Nymaim uses advanced techniques to evade detection and maintain persistence on infected systems. By leveraging social engineering, advanced obfuscation, and modularity, Nymaim poses a significant threat to individuals and organizations. Defending against such threats requires a multi-layered approach, including regular software updates, user awareness, and advanced threat detection tools. As Nymaim continues to evolve, staying vigilant and proactive is essential to mitigate its impact.
ngCERT is aware of an ongoing distribution of a new malware strain dubbed Playfulghost. The malware has been identified as a backdoor that enables attackers to remotely execute a range of activities once a device is infected. The malware's capabilities include keylogging, screen capture, audio capture, remote shell, and file transfer/execution features. According to Google's Managed Defense team, the attackers are leveraging popular VPN applications as a delivery mechanism, embedding the malware payload within legitimate applications, and distributing it through Search Engine Optimization (SEO) poisoning and phishing campaigns. The malware poses significant risks, including system takeover, data theft, financial losses, and potential ransomware attacks. ngCERT strongly advises individuals and organizations to take immediate steps to secure their systems and data from this emerging threat.
ngCERT’s attention has been drawn to increased phishing campaigns within Nigeria's cyber ecosystem. These campaigns involve spreading fraudulent, deceptive calls or messages aimed at stealing Personally Identifiable Information (PII) and bank account details of unsuspecting individuals. These phishing messages are usually spread through emails, SMS, WhatsApp, and other social media platforms, mimicking reputable organizations. Successful phishing attacks could result in financial losses, identity theft, and possibly reputational damage, among other negative impacts. In this regard, the general public should be mindful of various forms of phishing attacks, particularly during the Yuletide season, while taking proactive steps to stay safe.