Connect with us

News

Cybercrime: NCC reports new malware AbstractEmu, attacking Android devices

Published

on

Nasiru Yusuf

 

The Nigerian Communications Commission (NCC) has discovered a new Android malware attacking telecommunication consumers.

 KANO FOCUS reports that the malware, named ‘AbstractEmu’, can gain access to smartphones, take complete control of infected smartphones and silently modify device settings while simultaneously taking steps to evade detection.

A statement issued by Director Public Affairs Ikechukwu Adinde said this discovery was announced recently by the Nigerian Computer Emergency Response Team (ngCERT), the national agency established by the Federal Government to manage the risks of cyber threats in the Nigeria, which also coordinates incident response and mitigation strategies to proactively prevent cyber-attacks against Nigeria.

AbstractEmu has been found to be distributed via Google Play Store and third-party stores such as the Amazon Appstore and the Samsung Galaxy Store, as well as other lesser-known marketplaces like Aptoide and APKPure.

The advisory stated that a total of 19 Android applications that posed as utility apps and system tools like password managers, money managers, app launchers, and data saving apps have been reported to contain the rooting functionality of the malware.

The apps are said to have been prominently distributed via third-party stores such as the Amazon Appstore and the Samsung Galaxy Store, as well as other lesser-known marketplaces like Aptoide and APKPure.

The apps include All Passwords, Anti-ads Browser, Data Saver, Lite Launcher, My Phone, Night Light and Phone Plus, among others.

According to the report, rooting malware although rare, is very dangerous. By using the rooting process to gain privileged access to the Android operating system, the threat actor can silently grant itself dangerous permissions or install additional malware – steps that would normally require user interaction. Elevated privileges also give the malware access to other apps’ sensitive data, something not possible under normal circumstances.

The ngCERT advisory also  captured the consequences of making their devices susceptible to AbstractEmu attack. Once installed, the attack chain is designed to leverage one of five exploits for older Android security flaws that would allow it to gain root permissions. It also takes over the device, installs additional malware, extracts sensitive data,  and transmits to a remote attack-controlled server.

Additionally, the malware can modify the phone settings to give app ability to reset the device password, or lock the device, through device admin; draw over other windows; install other packages; access accessibility services; ignore battery optimisation; monitor notifications; capture screenshots; record device screen; disable Google Play Protect; as well as modify permissions that grant access to contacts, call logs, Short Messaging Service (SMS), Geographic Positioning System (GPS), camera, and microphone.

The ngCERT also asserts in the advisory that, while the malicious apps were removed from Google Play Store, the other app stores are likely distributing them.

Consequently, the NCC wishes to reiterate a two-fold ngCERT advisory in order to mitigate the risks. The two-fold advisory include:

“1. Users should be wary of installing unknown or unusual apps, and look out for different behaviours as they use their phones.

“2. Reset your phone to factory settings when there is suspicion of unusual behaviours in your phone.

“The NCC, in exercise of its mandate and obligation to the consumers, will continue to sensitise and educate telecoms consumers on any cyber threat capable of inflicting low or high-impact harms on their devices, whether discovered through the ngCERT or the telecom sector’s Centre for Computer Security Incident Response managed by the Commission.

It will be recalled that the NCC, in October 2021, alerted telecom consumers of the existence of new, high-risk and extremely-damaging, Android device – targeting Malware called Flubot and outlined steps to prevent the eir devices from being attacked by the virus.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Headlines

Kwankwaso denies taking position on rumoured defection to APC

Published

on

 

 

 

The 2023 Presidential candidate of the New Nigerian Peoples Party (NNPP), Dr. Rabiu Musa Kwankwaso, has debunked reaching a resolution with any individual on the trending defection rumoured to the ruling party or any other political party.

KANO FOCUS reports that Kwankwaso, who considered the recent statement credited to have suggested a particular position as an imagination of falsehood and fragmentation of political mischief against him.

A statement posted on his official X handle @KwankwasoRM, the ex-Governor insisted he has since refrained from commenting on contemporary political events, and will continue to do so for the time being.

In the said false information that went viral, Kwankwaso was quoted to have revealed a meeting with President Bola Tinubu on multiple occasions, urging him to return to the APC fold.

Responding to a statement purportedly signed by one Ibrahim Rabiu, Sen. Kwankwaso insisted he had never signed or authorised any statement to be issued on his behalf.

“My attention has been drawn to a statement purportedly stating my position on the recurring political realignments. I wish to categorically state that such statements are false, unfounded, and products of political mischief.

“I have refrained from commenting on contemporary political events, and I will continue to do so for the time being.”

” I urge the public to only engage statements that come from my public handles and other official sources”. Kwankwaso RM.”

In a releted development, the author of the purported false statement Ibrahim Rabiu has issued a self counter, denouncing the statement as a work of devil.

“I Ibrahim Rabiu, wish to inform the general public that I was never authorised by Sen. Rabiu Kwankwaso to issue and release a statement on his belhalf”

“I therefore wish to tender a public apology to his person with a promise that such childish act will never be repeated in the future, please find a space in your heart to forgive me, I was misled by fake news and agents of misinformation”

Continue Reading

Headlines

Emir Sanusi commends AGILE for renovating over 1,300 schools in Kano

Published

on

 

 

The Emir of Kano, Khalifa Muhammad Sunusi II, commended the Adolescent Girls Initiatives for Learning and Empowerment (AGILE) Project for reenrolling over 30,000 adolescent girls and renovating more than 1,300 schools across the state.

KANO FOCUS reports that the Emir made the commendation while reeiving AGILE State Project Implementation Unit (SIPU) who paid him an advocacy visit recently.

Khalifa Muhammadu Sanusi ll

He emphasized the Kano Emirate Council’s commitment to advocating for education and pledged continued support to ensure the enrollment, retention, transition, and completion of girls’ education in Kano.

The Emir also emphasized the importance of collaboration and synergy in implementing policies and programs that foster the development of the state and the nation at large.

AGILE Project Coordinator presenting gift to Emir of Kano

He expressed satisfaction with the AGILE project’s strong monitoring and evaluation framework, particularly in tracking the use of grants and conditional cash transfers.

In his remarks, the Kano State AGILE Coordinator, Malam Mujtapha Aminu said more than 100,000 students are currently enrolled in learning centers across 23 local government areas under the Adolescent Girls’ Initiative for Learning and Empowerment (AGILE) second chance education in Kano.

AGILE PC and Emir of Kano

He said this initiative provides out-of-school adolescent girls an opportunity to complete their secondary education, gain entrepreneurship and life skills.

According to him, the second chance education students undergo literacy, numeracy, and entrepreneurship training across 5,000 learning centers.

Athletes who participated in AGILE WEEK Games

He further explained that after nine months of instruction, the students sit for examinations and are awarded certificates equivalent to the Junior Secondary School Certificate.

“Those who enroll in the advanced literacy program also have the opportunity to sit for national examinations such as NECO and WAEC,” he added.

He said they visited the Emir’andalace to seek blessings and advocate for support to achieve their goals.

AGILE Communications Officer and games officials

The AGILE Project is a World Bank-assisted initiative implemented through Federal and State Ministries of Education, aimed at improving secondary education opportunities for adolescent girls in Nigeria.

Continue Reading

Headlines

Rurum, Rogo finally dump NNPP for APC  

Published

on

 

 

 

 

 

The gale of defection from opposition political parties intensifies as two members of the opposition New Nigeria Peoples Party (NNPP), Abdullahi Sani Rogo and Kabiru Alhassan Rurum, have defected to the ruling All Progressives Congress (APC).

 

KANO FOCUS reports that both lawmakers represent Rano/Bunkure/Kibiya and Karaye/Rogo federal constituency of Kano State.

 

Both lawmakers announced their defection at plenary presided over by Speaker Abbas Tajudeen.

 

On hand to witness the defection on the floor of the House was the national chairman of the APC, Dr. Abdullahi Umar Ganduje, accompanied by some members of the national working committee of the party.

 

However, the Minority Whip, Isa Ali JC, faulted the defection of the lawmakers on the basis that it was against constitutional provisions.

 

As of Thursday, no fewer than 30 members of opposition political parties have dumped their parties to join the APC.

Continue Reading

Trending