By Adedapo Adesanya
The Nigerian Communications Commission (NCC) has alerted telecom consumers and the general public that a new Android malware named ‘AbstractEmu’, had been discovered.
NCC said the malware can gain access to smartphones, take complete control of infected smartphones and silently modify device settings while simultaneously taking steps to evade detection.
This discovery was announced recently by the Nigerian Computer Emergency Response Team (ngCERT), the national agency established by the Federal Government to manage the risks of cyber threats in Nigeria, which also coordinates incident response and mitigation strategies to proactively prevent cyber-attacks against Nigeria.
“AbstractEmu has been found to be distributed via Google Play Store and third-party stores such as the Amazon Appstore and the Samsung Galaxy Store, as well as other lesser-known marketplaces like Aptoide and APKPure,” the report said.
The advisory stated that a total of 19 Android applications that posed as utility apps and system tools like password managers, money managers, app launchers, and data saving apps have been reported to contain the rooting functionality of the malware.
The apps are said to have been prominently distributed via third-party stores such as the Amazon Appstore and the Samsung Galaxy Store, as well as other lesser-known marketplaces like Aptoide and APKPure. The apps include All Passwords, Anti-ads Browser, Data Saver, Lite Launcher, My Phone, Night Light and Phone Plus, among others.
According to the report, rooting malware although rare, is very dangerous. By using the rooting process to gain privileged access to the Android operating system, the threat actor can silently grant itself dangerous permissions or install additional malware – steps that would normally require user interaction. Elevated privileges also give the malware access to other apps’ sensitive data, something not possible under normal circumstances.
The ngCERT advisory also captured the consequences of making their devices susceptible to AbstractEmu attacks. Once installed, the attack chain is designed to leverage one of five exploits for older Android security flaws that would allow it to gain root permissions. It also takes over the device, installs additional malware, extracts sensitive data, and transmits to a remote attack-controlled server.
Additionally, the malware can modify the phone settings to give the app ability to reset the device password, or lock the device, through device admin; draw over other windows; install other packages; access accessibility services; ignore battery optimisation; monitor notifications; capture screenshots; record device screen; disable Google Play Protect; as well as modify permissions that grant access to contacts, call logs, Short Messaging Service (SMS), Geographic Positioning System (GPS), camera, and microphone.
The ngCERT also asserts in the advisory that, while the malicious apps were removed from Google Play Store, the other app stores are likely distributing them. Consequently, the NCC wishes to reiterate a two-fold ngCERT advisory in order to mitigate the risks. The two-fold advisory include:
- Users should be wary of installing unknown or unusual apps, and look out for different behaviours as they use their phones.
2. Reset your phone to factory settings when there is suspicion of unusual behaviours in your phone.
The NCC, in the exercise of its mandate and obligation to the consumers, said it “will continue to sensitise and educate telecoms consumers on any cyber threat capable of inflicting low or high-impact harms on their devices, whether discovered through the ngCERT or the telecom sector’s Centre for Computer Security Incident Response managed by the Commission.”
Business Post had earlier reported that the commission had warned telecom consumers of the existence of new, high-risk and extremely damaging, Android device-targeting Malware called Flubot and outlined steps to prevent the eir devices from being attacked by the virus.
Interswitch Champions ePayments Ecosystem Growth
By Modupe Gbadeyanka
Interswitch has thrown its full weight behind the 2021 Annual Committee of e-Business Industry Heads (CeBIH) retreat as part of its commitment to champion the epayments ecosystem growth.
This is the fifth consecutive year the leading integrated payments and digital commerce company is sponsoring the programme, which is a platform through which the committee examines key innovations in the payment industry over the past year and discuss insights and trend for the coming year.
This year’s retreat is slated to hold on December 2 and 3, 2021, in Abeokuta, Ogun State and would be attended by various stakeholders in the sector.
The 2021 Annual CeBIH Retreat tagged Innovative Digital Banking will focus on issues around the growth of digital payments in Nigeria and how technological innovations such as digital currencies, blockchain, 5G network, contactless payments, among others, will dominate the payment industry in the coming years.
Interswitch as a key industry stakeholder will be instrumental in spearheading these discussions, especially with its recent efforts around blockchain technology and other solutions around contactless payments.
The digital payment company has been an ardent supporter of the committee and its objectives, underpinned by a shared objective of enabling further development of the digital payments ecosystem in Nigeria.
This sponsorship highlights its interest in fostering deeper collaboration between banks and fintechs within the industry ecosystem.
Speaking on the forthcoming retreat, Mr Akeem Lawal, Managing Director for Transaction Switching & Payment Processing at Interswitch reiterated the importance of Interswitch’s participation in industry events such as the CeBIH Retreat, where critical issues, trends and analysis around the payment ecosystem are discussed.
He described the retreat as a necessity for industry players to assess the current state of things and make calculable projections for the future, with the aim to improve and deepen Nigeria’s payment system.
“This retreat remains important for stakeholders in the payment industry and offers an opportunity for Interswitch to be introspective about the steps taken to improve the payment system in Nigeria and in Africa as a whole,” Mr Lawal said.
“We at Interswitch remain committed to supporting and participating at platforms that share our vision to drive greater financial inclusion and prosperity across Nigeria and the Africa continent.
“Platforms such as the CeBIH annual retreat provide Interswitch and other industry players the impetus to engage with key stakeholders and collaborators from the banking system with a view towards improving our offerings to our customers viz-a-viz market demands, global trends and insights from the operating environment,” he added.
Cyber Threats in Nigeria Drop 7.5% in 2021—Kaspersky
By Adedapo Adesanya
Cyber threats in Nigeria in 2021 depreciated by 7.5 per cent, according to the latest research by Kaspersky.
This dramatic change in the threat landscape is coming at a time regular and self-propagating malware is decreasing dramatically, as it is no longer effective and cannot fly under security radars.
Security researchers at Kaspersky noticed that Kenya recorded the highest decline with an unprecedented 28.6 per cent, while South Africa saw a 12 per cent decrease.
The reason for such a change was the introduction and popularisation of new cybercrime models in the region, with cybercrime tools becoming more targeted along with a long-running trend where malware creators rely not on the technical advantage of their technologies over security protection, but on the human factor.
The cybersecurity firm noted that this has stimulated the evolution of phishing schemes in 2021. In particular, the region saw a wave of ‘Anomalous’ spyware attacks.
The usual phishing spyware attack begins when attackers infect a victim by sending them an e-mail with a malicious attachment or a link to a compromised website and ends when the spyware is downloaded and activated on the victim’s device.
Having gathered all necessary data, the operator usually ends the operation by attempting to leave the infected system unnoticed. In anomalous attacks, however, the victim’s device becomes not only a source of data but also a tool for spyware distribution.
Having access to the victim’s email server, the malware operators use it to send phishing emails from a legitimate company’s email address. In this case, anomalous spyware attacks an organisation’s server for collecting stolen data from another organisation and sending further phishing emails.
Speaking on this, Maria Garnaeva, Senior Security Researcher at Kaspersky ICS CERT team, “The Anomalous spyware attacks have a huge potential for growth in South Africa, Kenya and Nigeria in 2022, because unlike regular spyware the entry-level for attackers who wish to employ this tactic is significantly lower – since instead of paying for their own infrastructure, they abuse and employ the victims’ resources.
“We see that cheaper attack methods have always been on the rise in the region and cybercriminals quickly pick up on new tactics. Kaspersky, therefore, suggests that in the nearest future, these countries should be prepared for such attacks.”
She explained that the mass scale attacks are not disappearing, but rather transforming with the scheme usually following a style where a user searches for a free version of an extremely popular legitimate spyware and the cybercriminals offer them a fake installer using ‘black SEO technic’ – the abuse of the legitimate search engines, resulting in the offering of the fraudulent websites first.
As a result of software installer execution, a few dozen malware samples are downloaded and installed with the goal of turning the infected devices into a part of the Glupteba botnet.
The whole fake installers campaign and botnet have been extremely active in South Africa in 2021 and continue to evolve, yet it is scarcely researched.
“While the Glupteba botnet seems to be a threat for consumers, we are still researching it and keeping an eye on its behaviour, since some distributed malware resembles APT-related samples like Lazarus APT groups and were recently used in the largest DDoS attack in Russia. It is too early to say it with a high level of confidence, but these factors may suggest that we are now entering the era where APT actors start to use existing malware distribution platforms which makes attribution of such attacks harder and opens a new vector similar to supply chain attacks,” added Ms Garnaeva.
Recommendations from Kaspersky
In order to stay protected from such new cybercrime models and threats, Kaspersky recommends the following:
– Pay close attention to and don’t open any suspicious files or attachments received from unknown sources.
– Do not download and install applications from untrusted sources.
– Do not click on any links received from unknown sources and suspicious online advertisements.
– Create strong passwords and don’t forget to change them regularly.
– Always install updates. Some of them may contain critical security issues fixes.
– Ignore messages asking to disable security systems for office software or antivirus software.
– Use a robust security solution appropriate to your system type and devices, such as Kaspersky Internet Security.
Zeepay, KudiGo, mPharma, Others Win at Ghana Fintech Awards 2021
By Modupe Gbadeyanka
It was a memorable day a few days ago when the key stakeholders in the financial technology (fintech) sector in Ghana gathered in Accra for the Ghana Fintech Awards 2021.
At the event, organised by Arkel Consult and Management Services Limited in partnership with Abjel Communications, Zeepay Ghana Limited went home as the Fintech Company of the year, while Andrew Takyi-Appiah was announced as fintech personality of the year in the male category, with the female category was Dede Afriyie Quarshie.
The Start-up Fintech of the year was Paybox, the Fintech & Bank partnership of the year was Ghana Interbank payment & settlement systems, while the Fintech & Non-Bank partnership was clinched by KudiGo Incorporated.
Business Post reports that the Agritech of the year was Kwidex, the Healthtech of the year was mPharma, the Edutech of the year was Blossom Academy, the Insurtech of the year was Insurerity Digital, while the IT/Tech of the year was Clydestone Ghana LTD.
The organisers also announced BPC Banking Technologies as the Leading Payments Technologies Service Provider 2021, while Panamax Incorporated was announced as the Leading Fintech Solutions Provider 2021.
Speaking at the maiden awards held at the Best Western Premier Hotel in Accra, the President of the African Fintech Network (AFN), Mr Segun Aina, disclosed that the “Ghana Fintech Awards has come at a time when the Bank of Ghana has observed that there are over 70 Fintech companies and startups operating in the country.”
“It is highly appropriate to say Arkel Consult and Abjel Communications have identified the economic contribution of the fintech startups and companies and decided to recognize their efforts by hosting this event. My hearty congratulations to these organisers for the foresight in putting up this event,” he added.
He assured that “AFN will look forward to inaugurating the Ghana Fintech Association and will be happy to support the sustenance of the Ghana Fintech Outlook Conference and Awards as an annual ecosystem event in partnership with the Ghana Fintech Association.”
Mr Martin Kwame Awagah, Director of Arkel Consult and Management Services Limited, expressed appreciation to Panamax Inc. Zeepay Ghana Limited, BPC Banking Technologies, Brassica Pay, EziPay, DreamOval, MTN Mobile Money Limited, Pavelon.com, People’s Pension Trust and Tarragon Edge who were the official sponsors of the ceremony.
He congratulated the shortlisted nominees and the winners for their efforts in promoting the growth of the fintech space in the country.
The Ghana Fintech Awards 2021 was created to recognise and acknowledge the achievements of individuals and companies who are contributing to the growth of Ghana’s financial and technology ecosystem.
Like Our Facebook Page
Latest News on Business Post
- SERAP Sues FG for Shutting Down Telecommunications December 5, 2021
- Enugu Disco Launches App for Seamless Services December 5, 2021
- We’re Yet to Receive Formal Report of Sylvester Oromoni’s Death—Police December 4, 2021
- Investors Gain N1.09bn as NASD Share Price Rises 9.1% December 4, 2021
- Naira Trades N414.73/$1 as Cryptos Bleed Heavily December 4, 2021
- Crude Mixed as Market Remains Unsettled by Omicron Jitters December 4, 2021
- MTN, FBNH Drag ASI to 5th Consecutive Losing Streak December 4, 2021
- Putin Stresses Broadening Economic Cooperation with Nigeria, Others December 3, 2021
- Excitement as NG Clearing Sets to Launch December 9 December 3, 2021
- Akwa Ibom Assembly Passes N586.9bn Appropriation Bill December 3, 2021
Feature/OPED2 years ago
Davos was Different this year
Economy5 years ago
Kwara Disburses N1.7b For Projects
Travel/Tourism5 years ago
Lagos Seals Western Lodge Hotel In Ikorodu
Technology12 months ago
How To Link Your MTN, Airtel, Glo, 9mobile Lines to NIN
Economy5 years ago
How To Identify Fake Naira Notes
Banking3 years ago
Sort Codes of GTBank Branches in Nigeria
Economy4 years ago
NSE Market Capitalisation Sheds N76b as Sell‐offs Persist
Economy4 years ago
FAAC: FG, States, LGs Share N655.18b in January