In a press statement released on Friday, the NCC alerted telecom consumers about the ‘FluBot’ malware, which the Nigeria Computer Emergency Response Team (ngCERT) reported to be targeting Android devices.
How the ‘FluBot’ malware works
NCC director of public affairs Ikechukwu Adinde said that ‘FluBot’ impersonates mobile banking apps to steal people’s personal and financial data, and may also pretend to be a FedEx, DHL, Correos, or Chrome application. The malware, which is being circulated through SMS, can snoop on the phone’s incoming notifications, initiate calls, read and write text messages and transmit the contact list in the device to its control center. The NCC added that the malware compels phone users to change the accessibility settings on their devices. It may also create a backdoor that will give its creators access to compromised devices, further enabling them to commit other illicit acts such as launching new variants of the malware.
Security tips
The commission advised the public to observe precautions when using their devices. It warned users not to click links from suspicious text messages. Phone users are also encouraged to have updated antivirus software, use strong passwords and enable two-factor authentication logins, as well as apply critical patches to their systems. Those whose phones have already been compromised by the malware can reset their devices to factory setting and change the passwords they use in their online accounts. [coinbase]
