NCC cautions Nigerians on new malware, issues advisory

The Nigerian Communications Commission (NCC) has cautioned Nigerians of a new malware called HiddenAds.

NCC’s Public Affairs Director, Reuben Muoka, in a statement, said the malware has been flagged “infiltrated Google Play Store that can impact device performance and jeopardize users’ privacy.”

The NCC’s Computer Security Incident Response Team (NCC-CSIRT) identified the new malware as “high in probability and damage potential”.

It said the malware infiltrated the Google Play Store in the form of several device cleaners or optimization apps.

Minister: Nigeria loses 400,000 barrels daily to oil theft

“Upon installation, it can run malicious services without the user opening the app. It also spams the user with irrelevant advertisements. The apps have received downloads ranging from 100,000 to over a million.

“Some of the apps HiddenAds masquerades as are: Junk Cleaner, EasyCleaner, Power Doctor, Carpet Clean, Super Clean, Meteor Clean, Strong Clean, Windy Clean, Fingertip Cleaner, Keep Clean, Full Clean – Clean Cache, Quick Cleaner, and Cool Clean.

“When a user installs any of the aforementioned apps, whether the user has opened the app or not, a malicious service is immediately installed on the device. The app will then attempt to blend into the app tray by changing its icon to the Google Play icon that every Android user is familiar with. Its name will also change to ‘Google Play’ or ‘Setting’. The device will then be bombarded with ads in a variety of deceptive ways, severely impairing the user experience,” the advisory stated.

IGP: I’m disappointed over brutality, extortion by police officers

The regulatory body advised Nigerians that having “the compromised app will experience their device performance suffering significantly, clicking on the ads may result in stealth downloads/installation of other malware, users may inadvertently subscribe to services and be billed on a monthly basis, and the privacy of users will be jeopardized.”

NCC-CSIRT advised users to avoid downloading questionable apps or apps they are unsure about while those who have installed any of the identified malicious apps should immediately delete them.

It further disclosed that where the malicious app’s icon and name have changed, it can be identified by the fact that it is removable while the legitimate Google Play app cannot be uninstalled.

The advisory recommended the installation of anti-virus/anti-malware software with a proven track record for detecting and removing malware.

The Star