NCC-CSIRT flags off ‘hiddenAds’ malware that jeopardizes users’ privacy
The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has flagged a new malware, HiddenAds, which has infiltrated Google Play Store that can impact device performance and jeopardize users’ privacy.
In its advisory of August 8, 2022, NCC-CSIRT classified the virus, first identified by the McAfee Mobile Research Team, as high in probability and damage potential.
The malware infiltrated the Google Play Store in the form of several device cleaners or optimization apps.
According to the summary provided by NCC-CSIRT upon installation, it can run malicious services without the user opening the app. It also spams the user with irrelevant advertisements. The apps have received downloads ranging from 100,000 to over a million.
“Some of the apps HiddenAds masquerades as are: Junk Cleaner, EasyCleaner, Power Doctor, Carpet Clean, Super Clean, Meteor Clean, Strong Clean, Windy Clean, Fingertip Cleaner, Keep Clean, Full Clean – Clean Cache, Quick Cleaner, and Cool Clean.
Read Also: NYSC warns corps members against harmful acts
Anyone that installs the compromised app will experience their device performance suffering significantly, clicking on the ads may result in stealth downloads/installation of other malware, users may inadvertently subscribe to services and be billed on a monthly basis, and the privacy of users will be jeopardized.
NCC-CSIRT advised users to avoid downloading questionable apps or apps they are unsure about while those who have installed any of the identified malicious apps should immediately delete them.
It further disclosed that where the malicious app’s icon and name have changed, it can be identified by the fact that it is removable while the legitimate Google Play app cannot be uninstalled.
The advisory recommended the installation of anti-virus/anti-malware software with a proven track record for detecting and removing malware.
The Computer Security Incident Response Team (CSIRT) is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.
The CSIRT also works collaboratively with the Nigeria Computer Emergency Response Team (ngCERT), established by the Federal Government to reduce the volume of future computer risks incidents bypreparing, protecting and securing the Nigerian cyberspace to forestall attacks, problems or related events.
NCC-CSIRT flags off ‘hiddenAds’ malware that jeopardizes users’ privacy