The National Information Technology Development Agency (NITDA) has warned Nigerians to be mindful of a new malicious malware called ‘OV3R_Stealer’, which is aimed at attacking Facebook users.
This is contained in an advisory released in Abuja on Monday by the agency’s head, corporate affairs and external relations, Hadiza Umar.
“A new threat, known as Ov3R_Stealer malware, has emerged, targeting users on Facebook, spreading through deceptive job advertisement and fake accounts.
“Users become infected by clicking on these malicious advertisement links.
“The malware employs various execution methods to extract sensitive data from victims,” NITDA spokesperson said.
According to her, the Ov3R_Stealer malware can also be used as a dropper for other malware, including ransomware.
Mrs Umar said, “When users click on the advertisement, they will be redirected to a malicious discord URL which executes the malware through a PowerShell script.”
Mrs Umar said the Powershell masquerades as a Windows Control Panel(CPL) file to download the malware payload from a GitHub repository.
“Ov3r_Stealer poses a significant risk by silently exfiltrating a wide range of personal and sensitive information including geo-location (based on IP), hardware info, passwords, cookies, credit card, among others.
“This data is subsequently transmitted to a telegram channel where it is possibly sold or used for phishing attacks.
“There is a need to ensure that users’ software is always updated and avoid clicking on advertisement links, especially on social media platforms.
“Ensure your system antivirus is updated regularly and stays current on new and evolving threats,” she said.
(NAN)
