The National Information Technology Development Agency, NITDA, has Nigerians to be mindful of a new malicious malware ‘OV3R_Stealer’, aimed at attacking Facebook users.
This is contained in an advisory released in Abuja on Monday by the agency’s Head, Corporate Affairs and External Relations, Hadiza Umar.
“A new threat, known as Ov3R_Stealer malware, has emerged, targeting users on Facebook, spreading through deceptive job advertisement and fake accounts.
“Users become infected by clicking on this malicious advertisement links.
“The malware employs various execution methods to extract sensitive data from victims,” NITDA spokesperson said.
According to her, the Ov3R_Stealer malware can also be used as a dropper for other malware, including ransomware.
Umar said, “When users click on the advertisement, they will be redirected to a malicious discord URL which executes the malware through a PowerShell script.”
Umar said the Powershell masquerades as a Windows Control Panel(CPL) file to download the malware payload from a GitHub repository.
“Ov3r_Stealer poses a significant risk by silently exfiltrating a wide range of personal and sensitive information including geo-location (based on IP), hardware info, passwords, cookies, credit card, among others.
“This data is subsequently transmitted to a telegram channel where it is possibly sold or used for phishing attacks.
“There is need to ensure that users software’s are always updated, avoid clicking on advertisement links especially on social media
platforms.
“Ensure your system antivirus are
updated regularly and stay updated on new and evolving threats,” she said.
NAN
