CEM REPORT, ICT | Android users are warned to be aware of a new Malware that steals Facebook account credentials
The malware called “Schoolyard Bully” has reportedly infected over 300,000 Android devices globally.
According to the Nigeria Communications Commission – Computer Security Incident Response Team (NCC-CSIRT), latest advisory, researchers from mobile security firm, Zimperium, found several apps that transmit the “Schoolyard Bully” malware while disguising themselves as reading and educational apps with a variety of books and topics for their victims to study.
The commission noted that the primary objective of the malware, which affects all versions of Facebook Apps for Android, is to steal Facebook account information, including the email address and password, account ID, username, device name, device RAM (Random Access Memory), and device API (Application Programming Interface).
“Furthermore, the malware uses native libraries to evade detection and analysis by security software and machine learning technologies.”
The NCC-CSIRT advisory in this regard further recommended that users double-check each application and uncheck boxes that request extra third-party downloads when installing apps downloaded from the Google Play Store and to use anti-malware applications to routinely scan their devices for malware.
Additionally, the advisory stated that although the malicious apps available on Google Play has since been taken down. However, they still spread via third-party Android app shops.
The commission advised Nigerian mobile users to only download applications from official sites and application stores.
CEM earlier reported that the NCC’s Computer Security Incident Response Team (NCC-CSIRT) warned Nigerians about other possible cyber attacks. Most recently, it warned about the potential harm of participating in the Invisible Challenge on TikTok.