The National Information Technology Development Agency (NITDA) has warned the public of ‘Ov3r_Stealer’, a new threat targeting users on Facebook.
The agency, in a statement posted on X on Monday, said the
malware affects users by spreading through deceptive job advertisements and
fake accounts.
According to NITDA, users become “infected” by clicking on
these malicious advertisement links.
“The malware employs various execution methods to extract
sensitive data from victims,” the agency said.
“The Ov3r Stealer
malware can also be used as a dropper for other malware, including ransomware.”
According to NITDA, when users click on the advertisement,
“they are redirected to a malicious Discord URL which executes the malware
through a PowerShell script masquerading as a Windows Control Panel (CPL) file
to download the malware payload from a GitHub repository”.
“Ov3r Stealer poses a significant risk by silently
exfiltrating a wide range of personal and sensitive information including
geolocation (based on IP), hardware info, passwords, cookies, credit card
information, auto-fills, browser extensions, crypto wallets, Office documents,
and antivirus product information,” NITDA added.
“This data is
subsequently transmitted to a Telegram channel where it is possibly sold or
used for phishing attacks.”
To prevent being affected, the agency advised users to
ensure that softwares are always updated.
In addition, NITDA said avoiding clicking on advertisement
links, especially on social media platforms and having an antivirus that is
regularly updated, would go a long way.
The technology agency also urged the public to stay updated
on new and evolving threats.
Advertise on NigerianEye.com to reach thousands of our daily users
No comments
Post a Comment
Kindly drop a comment below.
(Comments are moderated. Clean comments will be approved immediately)
Advert Enquires - Reach out to us at NigerianEye@gmail.com