The National Information Technology Development Agency (NITDA) through Microsoft, a world-renowned multinational technology company, has uncovered a widespread malicious email campaign undertaken by the hacking group – NOBELIUM.
A statement by the head, Corporate Affairs and External Relations, NITDA, Mrs. Hadiza Umar, said the “cybercriminals leveraged the legitimate mass-mailing service to masquerade as a US-based development organisation and distribute malicious URLs to a wide variety of organisations, especially government organisations, non-government organisations (NGOs), think-tanks, military, IT service providers, health technology and research, and telecommunications providers.”
NITDA further disclosed that the antics of the cybercriminals involve the use of emails claiming to be an alert from USAID about new documents published by former President Donald Trump about “election fraud.”
“Once users click the link in the email, the URL would direct them to the legitimate Constant Contact Service and then redirect to Nobelium-controlled infrastructure through a URL that delivers a malicious ISO file.
“This, in turn, enables the criminals to execute further malicious objectives, such as lateral movement, data exfiltration and delivery of additional malware.
“NITDA advises Nigerians to be wary of such criminals masquerading as USAID and follow the following recommendations:
“Turn on cloud-delivered protection in Microsoft Defender Antivirus or the equivalent to cover rapidly evolving attacker tools and techniques.
“Run EDR in block mode to enable antivirus to block malicious artifacts (EDR in block mode works behind the scenes to remediate malicious artifacts that are detected post-breach).
“Enable network protection to prevent applications or users from accessing malicious domains and other malicious content on the Internet.
“Enable investigation and remediation in full automated mode to allow antivirus to take immediate action on alerts to resolve breaches.
“Use device discovery to increase your visibility into your network by finding unmanaged devices on your network and onboarding them.
“Enable multifactor authentication (MFA) to mitigate compromised credentials.
“Block all Office applications from creating child processes.
“Users and administrators are advised to review and apply the above mitigations.
“To report an incident, contact NITDA CERRT via email email@example.com or via telephone +2348178774580,” the statement noted.