A MALWARE that steals Facebook account credentials, known as ‘Schoolyard Bully’, has infected over 300,000 android devices.
This has prompted the Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) to issue an advisory, reminding users to only download applications from official sites and application stores.
The advisory recommended that users double-check each application; uncheck boxes that request extra third-party downloads when installing apps downloaded from Google Play Store; and use anti-malware applications to routinely scan their devices.
NCC, yesterday, said researchers from mobile security firm, Zimperium, found several apps that transmit the Schoolyard Bully malware, while disguising themselves as reading and educational apps with a variety of books and topics for their victims to study.
According to the commission, the primary objective of the malware, which affects all versions of Facebook apps for android, is to steal account information, including email address and password, account ID, username, device name, device RAM (Random Access Memory), and device API (Application Programming Interface).
“The malware uses native libraries to evade detection and analysis by security software and machine learning technologies.”
The CSIRT is the telecom sector’s cyber security incidence centre, set up by NCC to focus on incidents in the sector as they may affect consumers.