The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has warned against a malware attack that steals Facebook account credentials, also known as Schoolyard Bully.

NCC-CSIRT said it had infected over 300,000 android devices, which prompted an advisory reminding users to only download applications from official sites and application stores.

NCC spokesman Reuben Muoka disclosed this in a statement on Wednesday.

Mr Muoka said researchers from mobile security firm, Zimperium, found several apps that transmit the Schoolyard Bully malware, disguised as reading and educational apps.

According to him, the malicious apps were available on Google Play, adding, ”yet they have already been taken down, and they still spread via third-party Android app shops.”

He added, “The NCC-CSIRT advisory in this regard further recommended that users double-check each application and uncheck boxes that request extra third-party downloads when installing apps downloaded from the Google Play Store. And to use anti-malware applications to routinely scan their devices for malware.”

The NCC official explained that the primary objective of the malware, which “affects all versions of Facebook Apps for Android, is to steal Facebook account information” and to steal email address and password, account ID, username, device name, device RAM (Random Access Memory), and device API (Application Programming Interface).

The (Zimperium) research stated that the malware “employs JavaScript injection” to steal Facebook login information and that the malware “loads a legitimate URL (web address) inside a WebView (a WebView maps website elements” that enable user interaction through Android View objects and their extensions) with malicious JavaScript injected.

“To obtain the user’s contact information (phone number, email address, and password), then send it to the command-and-control server,” said NCC-CSIRT. 

He said malware uses native libraries to evade detection and analysis by security software and machine learning technologies.

The CSIRT is the telecom sector’s cybersecurity incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large. It works collaboratively with Nigerian Computer Emergency Response Team (ngCERT), established by the federal government.

It was established to “reduce the volume of future computer risk incidents by preparing, protecting, and securing Nigerian cyberspace to forestall attacks, and problems or related events.”

(NAN)