By Sodeinde Temidayo David
The Nigerian Communications Commission (NCC) has alerted Nigerian telecom users of the existence of a new high-risk and extremely damaging malware called Flubot.
The NCC’s Director of Public Affairs, Mr Ikechukwu Adinde, said the malware is like every other malicious software and program designed specifically to disrupt, damage, or gain unauthorized access to a computer system.
“When Flubot infects a device, it can result in incalculable financial losses. Additionally, the malware creates a backdoor which grants access to the user’s device, thus enabling the invader or attacker to perform other criminal actions, including launching other variants of malware,” he said.
Information from the Nigeria Computer Emergency Response Team (ngCERT) revealed that Flubot malware targets androids with fake security updates and app installations.
The Flubot impersonates android mobile banking applications to draw fake web views on targeted applications, and its goal transcends stealing personal data and essentially targets stealing of credit card details or online banking credentials.
This malware can also be circulated through Short Message Service (SMS) and can snoop on incoming notifications, initiate calls, read or write SMSes, and transmit the victim’s contact list to its control centre.
It attacks Android devices by pretending to be FedEx, DHL, Correos, and Chrome applications and compels unsuspecting users to alter the accessibility configurations on their devices in order to maintain a continuous presence on devices.
The new malware damages the security of devices by copying fake login screens of prominent banks, and the moment the users enter their login details on the fake pages, their data is collected and transmitted to the malware operators’ control point.
This control quarter is where the data is exploited by intercepting banking-related One Time Passwords (OTPs) and replacing the default SMS app on the targeted Android device.
The malware is also capable of securing access into the device through SMS and proceeds to transmit similar messages to other contacts that may be on the device it has attacked, enticing them into downloading the fake app.
In a bid to tackle this malicious action, protect millions of telecom consumers and prevent criminal forces from using telecom platforms to execute fraud and complete damages, the NCC also listed measures to guard against attacks from Flubot.
Telecom users are expected not to install any app or security update following a page request, also not to click on any link when they receive a suspicious text message.
Users should also consider the use of updated antivirus software that detects and prevents malware infections, and apply critical patches to the system and application.
Also, the use of strong passwords and enabling Two-Factor Authentication (2FA) over logins should be embraced.
Data should be Backed-up regularly, and if affected by this campaign, victims should reset their device to factory mode as soon as possible as this will delete any data on your phone, including personal data.
According to the NCC, backups made after installing the malicious program should not be restored, and victims may contact ngCERT platform for technical assistance.
Infected personnel will also need to change the passwords to all of y online accounts, with urgency, around online bank accounts.
If anyone has concerns that their accounts may have been accessed by unauthorized people, they are advised to contact their bank immediately.
Interswitch Champions ePayments Ecosystem Growth
By Modupe Gbadeyanka
Interswitch has thrown its full weight behind the 2021 Annual Committee of e-Business Industry Heads (CeBIH) retreat as part of its commitment to champion the epayments ecosystem growth.
This is the fifth consecutive year the leading integrated payments and digital commerce company is sponsoring the programme, which is a platform through which the committee examines key innovations in the payment industry over the past year and discuss insights and trend for the coming year.
This year’s retreat is slated to hold on December 2 and 3, 2021, in Abeokuta, Ogun State and would be attended by various stakeholders in the sector.
The 2021 Annual CeBIH Retreat tagged Innovative Digital Banking will focus on issues around the growth of digital payments in Nigeria and how technological innovations such as digital currencies, blockchain, 5G network, contactless payments, among others, will dominate the payment industry in the coming years.
Interswitch as a key industry stakeholder will be instrumental in spearheading these discussions, especially with its recent efforts around blockchain technology and other solutions around contactless payments.
The digital payment company has been an ardent supporter of the committee and its objectives, underpinned by a shared objective of enabling further development of the digital payments ecosystem in Nigeria.
This sponsorship highlights its interest in fostering deeper collaboration between banks and fintechs within the industry ecosystem.
Speaking on the forthcoming retreat, Mr Akeem Lawal, Managing Director for Transaction Switching & Payment Processing at Interswitch reiterated the importance of Interswitch’s participation in industry events such as the CeBIH Retreat, where critical issues, trends and analysis around the payment ecosystem are discussed.
He described the retreat as a necessity for industry players to assess the current state of things and make calculable projections for the future, with the aim to improve and deepen Nigeria’s payment system.
“This retreat remains important for stakeholders in the payment industry and offers an opportunity for Interswitch to be introspective about the steps taken to improve the payment system in Nigeria and in Africa as a whole,” Mr Lawal said.
“We at Interswitch remain committed to supporting and participating at platforms that share our vision to drive greater financial inclusion and prosperity across Nigeria and the Africa continent.
“Platforms such as the CeBIH annual retreat provide Interswitch and other industry players the impetus to engage with key stakeholders and collaborators from the banking system with a view towards improving our offerings to our customers viz-a-viz market demands, global trends and insights from the operating environment,” he added.
Cyber Threats in Nigeria Drop 7.5% in 2021—Kaspersky
By Adedapo Adesanya
Cyber threats in Nigeria in 2021 depreciated by 7.5 per cent, according to the latest research by Kaspersky.
This dramatic change in the threat landscape is coming at a time regular and self-propagating malware is decreasing dramatically, as it is no longer effective and cannot fly under security radars.
Security researchers at Kaspersky noticed that Kenya recorded the highest decline with an unprecedented 28.6 per cent, while South Africa saw a 12 per cent decrease.
The reason for such a change was the introduction and popularisation of new cybercrime models in the region, with cybercrime tools becoming more targeted along with a long-running trend where malware creators rely not on the technical advantage of their technologies over security protection, but on the human factor.
The cybersecurity firm noted that this has stimulated the evolution of phishing schemes in 2021. In particular, the region saw a wave of ‘Anomalous’ spyware attacks.
The usual phishing spyware attack begins when attackers infect a victim by sending them an e-mail with a malicious attachment or a link to a compromised website and ends when the spyware is downloaded and activated on the victim’s device.
Having gathered all necessary data, the operator usually ends the operation by attempting to leave the infected system unnoticed. In anomalous attacks, however, the victim’s device becomes not only a source of data but also a tool for spyware distribution.
Having access to the victim’s email server, the malware operators use it to send phishing emails from a legitimate company’s email address. In this case, anomalous spyware attacks an organisation’s server for collecting stolen data from another organisation and sending further phishing emails.
Speaking on this, Maria Garnaeva, Senior Security Researcher at Kaspersky ICS CERT team, “The Anomalous spyware attacks have a huge potential for growth in South Africa, Kenya and Nigeria in 2022, because unlike regular spyware the entry-level for attackers who wish to employ this tactic is significantly lower – since instead of paying for their own infrastructure, they abuse and employ the victims’ resources.
“We see that cheaper attack methods have always been on the rise in the region and cybercriminals quickly pick up on new tactics. Kaspersky, therefore, suggests that in the nearest future, these countries should be prepared for such attacks.”
She explained that the mass scale attacks are not disappearing, but rather transforming with the scheme usually following a style where a user searches for a free version of an extremely popular legitimate spyware and the cybercriminals offer them a fake installer using ‘black SEO technic’ – the abuse of the legitimate search engines, resulting in the offering of the fraudulent websites first.
As a result of software installer execution, a few dozen malware samples are downloaded and installed with the goal of turning the infected devices into a part of the Glupteba botnet.
The whole fake installers campaign and botnet have been extremely active in South Africa in 2021 and continue to evolve, yet it is scarcely researched.
“While the Glupteba botnet seems to be a threat for consumers, we are still researching it and keeping an eye on its behaviour, since some distributed malware resembles APT-related samples like Lazarus APT groups and were recently used in the largest DDoS attack in Russia. It is too early to say it with a high level of confidence, but these factors may suggest that we are now entering the era where APT actors start to use existing malware distribution platforms which makes attribution of such attacks harder and opens a new vector similar to supply chain attacks,” added Ms Garnaeva.
Recommendations from Kaspersky
In order to stay protected from such new cybercrime models and threats, Kaspersky recommends the following:
– Pay close attention to and don’t open any suspicious files or attachments received from unknown sources.
– Do not download and install applications from untrusted sources.
– Do not click on any links received from unknown sources and suspicious online advertisements.
– Create strong passwords and don’t forget to change them regularly.
– Always install updates. Some of them may contain critical security issues fixes.
– Ignore messages asking to disable security systems for office software or antivirus software.
– Use a robust security solution appropriate to your system type and devices, such as Kaspersky Internet Security.
Zeepay, KudiGo, mPharma, Others Win at Ghana Fintech Awards 2021
By Modupe Gbadeyanka
It was a memorable day a few days ago when the key stakeholders in the financial technology (fintech) sector in Ghana gathered in Accra for the Ghana Fintech Awards 2021.
At the event, organised by Arkel Consult and Management Services Limited in partnership with Abjel Communications, Zeepay Ghana Limited went home as the Fintech Company of the year, while Andrew Takyi-Appiah was announced as fintech personality of the year in the male category, with the female category was Dede Afriyie Quarshie.
The Start-up Fintech of the year was Paybox, the Fintech & Bank partnership of the year was Ghana Interbank payment & settlement systems, while the Fintech & Non-Bank partnership was clinched by KudiGo Incorporated.
Business Post reports that the Agritech of the year was Kwidex, the Healthtech of the year was mPharma, the Edutech of the year was Blossom Academy, the Insurtech of the year was Insurerity Digital, while the IT/Tech of the year was Clydestone Ghana LTD.
The organisers also announced BPC Banking Technologies as the Leading Payments Technologies Service Provider 2021, while Panamax Incorporated was announced as the Leading Fintech Solutions Provider 2021.
Speaking at the maiden awards held at the Best Western Premier Hotel in Accra, the President of the African Fintech Network (AFN), Mr Segun Aina, disclosed that the “Ghana Fintech Awards has come at a time when the Bank of Ghana has observed that there are over 70 Fintech companies and startups operating in the country.”
“It is highly appropriate to say Arkel Consult and Abjel Communications have identified the economic contribution of the fintech startups and companies and decided to recognize their efforts by hosting this event. My hearty congratulations to these organisers for the foresight in putting up this event,” he added.
He assured that “AFN will look forward to inaugurating the Ghana Fintech Association and will be happy to support the sustenance of the Ghana Fintech Outlook Conference and Awards as an annual ecosystem event in partnership with the Ghana Fintech Association.”
Mr Martin Kwame Awagah, Director of Arkel Consult and Management Services Limited, expressed appreciation to Panamax Inc. Zeepay Ghana Limited, BPC Banking Technologies, Brassica Pay, EziPay, DreamOval, MTN Mobile Money Limited, Pavelon.com, People’s Pension Trust and Tarragon Edge who were the official sponsors of the ceremony.
He congratulated the shortlisted nominees and the winners for their efforts in promoting the growth of the fintech space in the country.
The Ghana Fintech Awards 2021 was created to recognise and acknowledge the achievements of individuals and companies who are contributing to the growth of Ghana’s financial and technology ecosystem.
Like Our Facebook Page
Latest News on Business Post
- FG to Distribute 4 million Meters in First Quarter of 2022 December 5, 2021
- SERAP Sues FG for Shutting Down Telecommunications December 5, 2021
- Enugu Disco Launches App for Seamless Services December 5, 2021
- We’re Yet to Receive Formal Report of Sylvester Oromoni’s Death—Police December 4, 2021
- Investors Gain N1.09bn as NASD Share Price Rises 9.1% December 4, 2021
- Naira Trades N414.73/$1 as Cryptos Bleed Heavily December 4, 2021
- Crude Mixed as Market Remains Unsettled by Omicron Jitters December 4, 2021
- MTN, FBNH Drag ASI to 5th Consecutive Losing Streak December 4, 2021
- Putin Stresses Broadening Economic Cooperation with Nigeria, Others December 3, 2021
- Excitement as NG Clearing Sets to Launch December 9 December 3, 2021
Feature/OPED2 years ago
Davos was Different this year
Economy5 years ago
Kwara Disburses N1.7b For Projects
Travel/Tourism5 years ago
Lagos Seals Western Lodge Hotel In Ikorodu
Technology12 months ago
How To Link Your MTN, Airtel, Glo, 9mobile Lines to NIN
Economy5 years ago
How To Identify Fake Naira Notes
Banking3 years ago
Sort Codes of GTBank Branches in Nigeria
Economy4 years ago
NSE Market Capitalisation Sheds N76b as Sell‐offs Persist
Economy4 years ago
FAAC: FG, States, LGs Share N655.18b in January