NITDA urges against malware attack targeting Facebook users
Umar said, “When users click on the advertisement, they will be redirected to a malicious discord URL which executes the malware through a PowerShell script.”
The National Information Technology Development Agency (NITDA) has warned Nigerians to be mindful of a new malicious malware, ‘OV3R_Stealer’, aimed at attacking Facebook users.
This is contained in an advisory released in Abuja on Monday by the agency’s Head, Corporate Affairs and External Relations, Mrs. Hadiza Umar.
“A new threat, known as Ov3R_Stealer malware, has emerged, targeting users on Facebook and spreading through deceptive job advertisements and fake accounts.
“Users become infected by clicking on these malicious advertisement links.
“The malware employs various execution methods to extract sensitive data from victims," an NITDA spokesperson said.
According to her, the Ov3R_Stealer malware can also be used as a dropper for other malware, including ransomware.
Umar said, “When users click on the advertisement, they will be redirected to a malicious discord URL, which executes the malware through a PowerShell script.”
Umar said the Powershell masquerades as a Windows Control Panel (CPL) file to download the malware payload from a GitHub repository.
“Ov3r_Stealer poses a significant risk by silently exfiltrating a wide range of personal and sensitive information, including geo-location (based on IP), hardware information, passwords, cookies, and credit cards, among others.
“This data is subsequently transmitted to a telegram channel where it is possibly sold or used for phishing attacks.
“There is need to ensure that users software are always updated and to avoid clicking on advertisement links, especially on social media
platforms.
“Ensure your system's antivirus is updated regularly and stay updated on new and evolving threats,” she said.