Admin l Tuesday, November, 2022
NCC warns as Mobile Apps Group becomes habitat for Trojan, Malware
LAGOS, Nigeria – Following the constant introduction of malicious apps into Google Play Store, the Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has advised against the installation of apps from the offending publisher, the ‘Mobile Apps Group’, whose products were discovered to contain Trojans and adware that are harmful to users and their privacy.
NCC-CSIRT’s advisory on the incident disclosed that “The Nigeria Computer Emergency Response Team (ngCERT) has continued to observe and monitor the constant introduction of malicious mobile applications into Google Play Store.
“Mobile apps Group has a history of distributing malware-infected apps through the Google Play store, and the current batch of apps has already been downloaded over a million times” it said.
It listed this group’s malicious apps as the Bluetooth Auto Connect; Bluetooth App Sender; Driver: Bluetooth, Wi-Fi, USB; and Mobile transfer: smart switch.
According to the advisory, “The apps will delay the display of ads for up to three days after installation to avoid detection. However, once this period has passed, the user is bombarded with advertisements and is directed to malicious phishing websites in the Chrome browser. While the device is idle, the malicious app can open Chrome tabs in the background. Some of the sites it opens may appear to be harmless, but they are pay-per-click pages that generate revenue for the developers when clicked on.”
Consequences of installing the malicious apps include the user being bombarded with advertisements, which will degrade the user experience; theft of sensitive user data; clicking on the ads resulting in the stealth download or installation of additional malware, as well as the user privacy and data being jeopardized.
These unpleasant consequences are avoidable when users refrain from downloading apps developed by Mobile apps Group and ensure to read app reviews before installing any app. Other proffered solutions are for users that may have installed any of the identified malicious apps to immediately uninstall them and to install up-to-date anti-malware solution to detect and remove malware.
NCC-CSIRT rated the malicious activities of the offending apps as high in probability and potential to do damage.
The CSIRT is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.
The CSIRT also works collaboratively with ngCERT, established by the Federal Government to reduce the volume of future computer risk incidents by preparing, protecting, and securing Nigerian cyberspace to forestall attacks, and problems or related events.
“Some of the individuals recognised are founders of fincumbents that have been around for over two to three decades while the rest are founders of the new few unicorns.“
Fanawopo said the Nigerian Fintech Awards was founded in 2012 and are dedicated to honouring excellence in financial technologies and services companies and products.
He added that the awards provide public recognition for the achievements of Fintech companies and products in many categories. These categories include payments, personal finance, wealth management, fraud protection, banking, lending, regtech, insurtech, and more.
“The Nigerian Fintech Awards has no tie with any fintech company. This means that our decisions and actions are independent of any interest or operational restrictions. The ethos of the awards is in line with this freedom,” he said.
According to him, to celebrate the Nigerian Fintech industry was in order as the 2021 Fintech Times report has shown, Nigeria’s fintech landscape comprised 210 to 250 fintech companies, key stakeholders (banks, telecom companies and the government), enablers and funding partners (i.e universities and research institutions, investors, incubators, technology, and consumers).