NITDA alerts users about a malware attack on Facebook

Social Media Plug-ins:

The National Information Technology Development Agency’s Computer Emergency Readiness and Response Team has issued an alert to Nigerians about a new malware attack known as ‘Ov3r_Steale,’ which specifically targets Facebook users.

In an advisory released on Monday, the agency stated that this emerging threat tricks Facebook users into clicking on malicious links disguised as job advertisements.

Subsequently, it gains unauthorised access to users’ sensitive information and extracts their data for potential attacks.

The agency stated, “A new threat, known as “Ov3r_Stealer” malware, has emerged, targeting users on Facebook and spreading through deceptive job advertisements and fake accounts.

“Users become infected by clicking on these malicious advertisement links. The malware employs various execution methods to extract sensitive data from victims.

“The Ov3r_Stealer malware can also be used as a dropper for other malware, including ransomware.”

NITDA further highlighted that upon clicking the advertisement, users are redirected to a malicious Discord URL.

This URL initiates the malware through a PowerShell script, cleverly disguised as a Windows Control Panel file, leading to the download of the malware payload from a GitHub repository.

“Ov3r_Stealer poses a significant risk by silently exfiltrating a wide range of personal and sensitive information, including geolocation (based on IP), hardware info, passwords, cookies, credit card information, auto-fills, browser extensions, crypto wallets, Office documents, and antivirus product information.

“This data is subsequently transmitted to a Telegram channel, where it is possibly sold or used for phishing attacks,” NITDA added.

To enhance protection against these attacks, NITDA recommended that Nigerians constantly update their apps.

“Additionally, caution is advised for Facebook users, particularly when interacting with advertisement links on social media platforms,” it stated.

The agency emphasised the importance of regularly updating antivirus software on users’ systems to stay vigilant against new and evolving threats in the cyber landscape.

A report in December 2023 revealed that an average of 411,000 malicious files were being sent every day last year, signifying a three percent increase from what was sent in 2022.