NITDA Alerts Nigerians on Malware Designed to Steal Banking Details

• The NITDA has urged Nigerians to exercise caution when downloading or opening links sent via email or found on the internet
• The government agency warns that the highly advanced malware disguised as legitimate documents
• According to the agency, the malware takes over users' phones after download, with the intent of stealing their banking details

Legit.ng journalist Dave Ibemere has over a decade of business journalism experience with in-depth knowledge of the Nigerian economy, stocks, and general market trends.

The National Information Technology Development Agency (NITDA) has cautioned Nigerians about a Grandoreiro banking malware.

The agency warned that the malware is very sophisticated and designed to target banking apps and steal financial information from users.

The malware threats were disclosed in an advisory by NITDA’s Computer Emergency Readiness and Response Team released on Monday, December 9, 2024.

Explaining further, NITDA noted that the malware is distributed primarily through phishing emails and fraudulent websites.

Read also

NIN modification woes: Nigerians express frustration over process, NIMC, banks trade blame

Part of the advisory stated:

"A new version of the banking malware Grandoreiro has emerged, targeting users globally. This banking Trojan is primarily distributed through phishing emails and fake websites."

"These deceptive platforms trick victims into downloading malicious software disguised as legitimate updates or documents.

"Once installed, the malware bypasses standard security controls, granting attackers unauthorised access to devices and sensitive information.

"This malware poses a significant risk to individuals and businesses, potentially compromising sensitive financial information and enabling unauthorised transactions."

NITDA advises Nigerians on steps to mitigate risk

NITDA highlighted the potential consequences of falling victim to Grandoreiro, including financial losses and identity theft, Punch reports.

To counter the threat, the agency urged the public to adopt stringent security measures, emphasizing the importance of vigilance and robust cybersecurity practices.

How to avoid falling victims

• Do not click on links or open attachments from unknown or unsolicited emails.
• Only download software updates or documents from official and trusted sources.
• Use Multi-Factor Authentication (MFA) to protect online banking and financial accounts from unauthorised access.
• Keep antivirus and anti-malware software up to date, and perform regular scans.
• Avoid conducting financial transactions over public Wi-Fi networks; use a VPN if necessary.
• Monitor banking activity frequently to detect and report unauthorized transactions promptly.

Read also

Nigerian cyber fraud gang arrested for using over 500 bank accounts in elaborate scheme

NCC warns Nigerians about malware on Google Chrome

In a related report, the Nigerian Communications Commission Computer Security Incident Response Team (NCC-CSIRT) issued a warning to Nigerians about a malicious app in Google chrome extensions.

NCC-CSIRT stated that the extensions track online browser activities and steal users’ data without their knowledge.

The commission advised users to avoid the app and resist the urge to install it.

Proofread by Kola Muhammed, journalist and copyeditor at Legit.ng

Source: Legit.ng