The Nigeria Communications Commission (NCC) has warned Nigerians to be wary of a new Malware called “Schoolyard Bully.”
According to the Commission’s Computer Security Incident Response Team (NCC-CSIRT), the malware that steals Facebook account credentials has infected over 300,000 Android devices globally.
In its latest advisory, the NCC-CSIRT reminded Nigerian mobile users to only download applications from official sites and application stores.
Further recommendations: The NCC-CSIRT advisory in this regard further recommended that users double-check each application and uncheck boxes that request extra third-party downloads when installing apps downloaded from the Google Play Store and to use anti-malware applications to routinely scan their devices for malware.
It added that researchers from mobile security firm, Zimperium, found several apps that transmit the “Schoolyard Bully” malware while disguising themselves as reading and educational apps with a variety of books and topics for their victims to study.
The malicious apps were available on Google Play, yet they have already been taken down. However, they still spread via third-party Android app shops.
The primary objective of the malware, which affects all versions of Facebook Apps for Android, is to steal Facebook account information, including the email address and password, account ID, username, device name, device RAM (Random Access Memory), and device API (Application Programming Interface).
How the malware attacks: Explaining how the malware attacks its victims, NCC-CSIRT said:
- “The (Zimperium) research stated that the malware employs JavaScript injection to steal the Facebook login information. The malware loads a legitimate URL (web address) inside a WebView (a WebView maps website elements that enables user interaction through Android View objects and their extensions) with malicious JavaScript injected to obtain the user’s contact information (phone number, email address, and password), then send it to the command-and-control server.
- “Furthermore, the malware uses native libraries to evade detection and analysis by security software and machine learning technologies.”
In case you missed it: Recall that the NCC’s Computer Security Incident Response Team (NCC-CSIRT) previously warned Nigerians about other possible cyber attacks. Most recently, it warned about the potential harm of participating in the Invisible Challenge on TikTok.
Earlier on, Nigerians were warned about the discovery of malware that compromises victims’ VPN (Virtual Private Network) accounts to attach messaging app, Telegram.
