The Computer Emergency Readiness and Response Team (CERRT) of the National Information Technology Development Agency (NITDA) has warned users of mobile devices to be wary of the Moneymonger malware on loan apps.
RELATED: NITDA to Nigerians: Beware of REIGN spyware stealing your data in Apple devices
The CERRT.NG has posted an advisory on how not become a victim of the Moneymonger malware. Read the full statement below.
Overview
Hackers are taking advantage of money-lending apps to carry out a
malware campaign called “MoneyMonger”, aimed at blackmailing users
into meeting up with certain demands else they risk having their private
information revealed to the public.
Developing countries like Nigeria are a prime target for dodgy loan apps and this has created an avenue for hackers to exploit. Although none of the 33 apps used in the deceptive scheme have been distributed through the Google Play Store, they have been distributed through unofficial app stores, smishing (SMS Phishing), rogue ads, compromised websites and social media campaigns.
The campaign has reportedly racked up over 100,000 downloads.
Impact
Once the malware is installed, it harvests and uploads a wide range
of private information from the victim’s device onto its server. The
collected data include GPS locations, text messages, contacts, call logs,
files, photos, and audio recordings amongst others. This information is
then used to blackmail the victim into paying excessively high-interest
rates
Preventie Measures
• Install up-to-date anti-malware applications on mobile devices.
• Always install applications from trusted sources.
• Read reviews before downloading any app.
• Be aware of what information the app collects from your device.
• Do not click on suspicious links.
COVER IMAGE: DNA India