The NCC has issued a warning to mobile phone users about a new Malware called AbstractEmu that targets Android devices.

 

A new Android malware has been detected, according to the Nigerian Communications Commission (NCC).

 

The malware, known as ‘AbstractEmu,’ has the ability to acquire access to cellphones, take entire control of affected smartphones, and surreptitiously adjust device settings while attempting to avoid detection.

This discovery was recently announced by the Nigerian Computer Emergency Response Team (ngCERT), the national agency established by the Federal Government to manage the risks of cyber threats in Nigeria, which also coordinates incident response and mitigation strategies to proactively prevent cyber-attacks against Nigeria, according to a statement signed by Dr. Ikechukwu Adinde, director, Public Affairs at NCC.

“AbstractEmu has been discovered to be distributed through the Google Play Store and third-party stores including the Amazon Appstore and the Samsung Galaxy Store, as well as other lesser-known markets like Aptoide and APKPure,” he stated.

The malware’s rooting functionality has been found in 19 Android apps that posed as utility apps and system tools such as password managers, money managers, app launchers, and data saving apps, according to the advisory.

Third-party storefronts like Amazon Appstore and Samsung Galaxy Store, as well as lesser-known marketplaces like Aptoide and APKPure, are claimed to have been heavily used to distribute the programs.

All Passwords, Anti-ads Browser, Data Saver, Lite Launcher, My Phone, Night Light, and Phone Plus are just a few of the apps available.

Rooting virus, despite its rarity, is extremely harmful, according to the report. The threat actor can covertly grant itself hazardous rights or install further malware by utilizing the rooting procedure to acquire privileged access to the Android operating system — acts that would ordinarily need user engagement.

In addition, malware with elevated rights can access sensitive data from other apps, which is impossible in normal conditions.

The implications of rendering their devices vulnerable to the AbstractEmu attack were also addressed in the ngCERT advisory.

The attack chain is meant to use one of five exploits for older Android security weaknesses to get root capabilities once it has been deployed.

It also takes control of the device, installs other software, extracts sensitive data, and sends it to a remote site controlled by the attacker.

Furthermore, the malware can change phone settings to allow the app to reset the device password or lock the device through device admin; draw over other windows; install other packages; access accessibility services; ignore battery optimization; monitor notifications; capture screenshots; record device screen; disable Google Play Protect; and modify permissions that grant access to contacts, call logs, Short Messaging Service (SMS), and Geographic Positioning Service (GPS).

While the malicious apps have been withdrawn from the Google Play Store, the ngCERT claims that they are still being distributed through other app shops.

As a result, the NCC would like to reiterate a two-part ngCERT advisory in order to reduce the risks.

 

The two-part advice includes:

 

  1. Users should be cautious about installing unknown or unusual apps and keep an eye out for unusual behaviors while using their phones.

 

  1. If you suspect your phone is behaving strangely, reset it to factory settings.

 

The NCC will continue to sensitize and educate telecoms consumers on any cyber threat capable of inflicting low or high-impact harms on their devices, whether discovered through the ngCERT or the telecom sector’s Centre for Computer Security Incident Response, which is managed by the Commission, as part of its mandate and obligation to consumers.

In October 2021, the NCC warned telecom customers about a new, high-risk, and extremely harmful Android device-targeting Malware named Flubot and provided instructions on how to prevent their devices from getting infected.

Leave a Reply

Your email address will not be published.

Next Post

The National Assembly has approved a budget of N86.2 billion for the Nigerian Communications Commission's operations in 2022.

Tue Nov 9 , 2021
Presenting the budget to the joint Senate and House of Representatives Committee on Communications, ICT and Cybercrimes, headed by Senator Oluremi Tinubu, the Executive Vice Chairman of NCC, Prof. Umar Danbatta, gave an overview of the performance of the Commission’s 2021 budget and 2022 budget. Prof. Umar Danbatta, the Executive […]

Categories