Latest reports by the Computer Emergency Readiness and Response Team (CERRT) of the National Information Technology Development Agency (NITDA) have shown that hundreds of banking and financial apps are at grave risk of attack from the new Nexus Android banking trojan.
CERRT said in the latest report that the new Nexus Android banking trojan is designed to operate stealthily, with the ability to hide from detection and evade security measures.
According to CERRT, “A staggering variety of different banking and financial apps are susceptible to attack by this Trojan. The malware is being distributed through phishing pages disguised as legitimate websites called YouTube Vanced.
The report further disclosed that the trojan can intercept and steal sensitive data, including login credentials, credit card information, and other financial information, once it has been installed on a device.
“Additionally, it has the ability to intercept codes from the Google Authenticator app as well as two-factor authentication messages delivered by text.
“The banking malware can also delete text messages that have been received on an infected device and periodically update itself by pinging a command-and-control server that is under the control of cybercriminals,” CERRT disclosed further in the report.
CERRT advises that to avoid becoming a victim of this cyber menace, users should avoid clicking on Ads or unverified links; avoid visiting or downloading apps from unauthorized websites; and ensure that antivirus software is installed on the user’s device.
The Computer Emergency Readiness and Response Team (CERRT) is a unit of the National Information Technology Development Agency (NITDA) established in April 2014 in response to the increase in the rate of cybercrime and in fulfilment of the requirements of the National Cybersecurity Strategy.
By NITDA’s mandate, CERRT functions as a government cert, coordinating and facilitating information sharing, providing mitigation strategies and recommendations for incident response and recovery, researching and analyzing trends and patterns of incident activity for government Ministries, Departments and Agencies (MDAs) with extension to the private sector as well.