“Fraud Alert”: FG Raises Alarm on Increased Virus Attacks on Nigerians and Businesses

“Fraud Alert”: FG Raises Alarm on Increased Virus Attacks on Nigerians and Businesses

  • The Nigerian government has asked its citizens to be on alert over an increasing wave of ransomware attacks
  • It disclosed that it has detected an increase in virus attacks by Phobos ransomware
  • It asked organizations to secure remote desktop protocol (RDP) ports to prevent threat actors from abusing its tools

Legit.ng’s Pascal Oparada has reported on tech, energy, stocks, investment, and the economy for over a decade.

The Nigerian government has alerted its citizens to the increasing wave of ransomware attacks on businesses and individuals.

The Nigeria Computer and Emergency Response Team (ngCERT) disclosed this on its X handle.

Phobos ransonware, FG
Nigerians and businesses targeted in a new wave of Phobos ransomware attacks Credit: NurPhoto/Contributor
Source: Getty Images

New ransomware targets cloud services

The ngCERT team, which rated the attacks as high and critical, is Nigeria’s Internet police unit under the Office of the National Security Adviser (NSA). 

Read also

SEC to monitor weekly cryptocurrency transactions after suspending Binance services, others

It disclosed that it had detected increased ransomware attacks by Phobos ransomware, targeting critical cloud service providers within Nigeria’s cyberspace.

The team said it is partnering with vulnerable and affected organizations to resolve the incidents and prevent more attacks quickly.

List of top targets by attackers

The body listed the most at-risk entities, including tech and telecommunication providers.

Other targets include education, healthcare, service providers, and NGOs.

It asked organizations to secure remote desktop protocol (RDP) ports to prevent threat actors from abusing and leveraging its tools.

According to reports, the agency disclosed that Phobos attackers gain entry into weak networks via phishing campaigns to deliver hidden payloads or by employing IP scanning tools like angry IP scanners to identify vulnerable RDP ports.

Nigerian banks sack employees over fraud

Read also

CAC to cancel certificates of over 4,000 BDCs after CBN’s decision, gives deadline

Reports also say that the attackers use RDP in Microsoft Windows environments, adding that they deploy spoofed email attachments containing payloads like smoke loaders to initiate injections.

The development comes amid an increasing wave of insider fraud in Nigerian banks.

Legit.ng reported that commercial banks in the country sacked 93 employees over fraud after a member of staff of one of the banks stole about N44 billion from customers’ accounts.

NCC warns Nigerians to remove 5 Google Chrome extensions

Legit.ng reported that the Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has identified five malicious Google Chrome Extensions.

According to the commission, the extensions surreptitiously track online browser activities and steal users' data.

Proofread by Kola Muhammed, journalist and copyeditor at Legit.ng

Source: Legit.ng

Authors:
Pascal Oparada avatar

Pascal Oparada (Business editor) Pascal Oparada is a Mass Communications Graduate from Yaba College of Technology with over 10 years of experience in journalism. He has worked in reputable media organizations such as Daily Independent, TheNiche newspaper, and the Nigerian Xpress. He is a 2018 PwC Media Excellence Award winner. Email:pascal.oparada@corp.legit.ng