Nigerians have been warned by the National Information Technology Development Agency (NITDA) to be wary of a new harmful software called “OV3R_Stealer” that targets Facebook users.
This is stated in a memo that the agency’s head of Corporate Affairs and External Relations, Mrs Hadiza Umar, released on Monday in Abuja.
“A new threat, known as Ov3R_Stealer malware, has emerged, targeting users on Facebook, spreading through deceptive job advertisement and fake accounts.
“Users become infected by clicking on these malicious advertisement links.
“The malware employs various execution methods to extract sensitive data from victims,” Mrs Hadiza Umar said.
According to her, the Ov3R_Stealer malware can also be used as a dropper for other malware, including ransomware.
Umar said, “When users click on the advertisement, they will be redirected to a malicious discord URL which executes the malware through a PowerShell script.”
Umar said the Powershell masquerades as a Windows Control Panel (CPL) file to download the malware payload from a GitHub repository.
“Ov3r_Stealer poses a significant risk by silently exfiltrating a wide range of personal and sensitive information including geo-location (based on IP), hardware info, passwords, cookies, and credit card, among others.
“This data is subsequently transmitted to a telegram channel where it is possibly sold or used for phishing attacks.
“There is a need to ensure that users’ software’s always updated, and avoid clicking on advertisement links, especially on social media platforms.
“Ensure your system antivirus is updated regularly and stay updated on new and evolving threats,” she said.
