NCC urges Nigerian Samsung users to upgrade their Galaxy Store applications to avoid cyberattacks

Avatar
NCC urges Nigerian Samsung users to upgrade their Galaxy Store applications to avoid cyberattacks

The Nigerian Communications Commission (NCC), through its Computer Security Incident Response Team (CSIRT), has advised Nigerians using Samsung phones to update the Galaxy Store application immediately to avoid cyberattacks.

The heads-up is due to the discovery of multiple vulnerabilities in the Samsung Galaxy App Store application, which can result in unwanted app installations and code execution. 

The NCC-CSIRT revealed that Ken Gannon, a cybersecurity researcher from NCC Group, detected the infiltration in the Galaxy App Store application on Samsung devices that are running Android 12 and older. 

As the NCC-CSIRT warned that cybercriminals are continuously devising new means of compromising their targets, they explained;

NCC urges Nigerian Samsung users to upgrade their Galaxy Store applications to avoid cyberattacks

“We advise phone and computer users advised users not open files from people they do not know, not to click ‘OK’ and immediately exit the application if they receive a warning that opening an attachment or link can damage their computer or files and to promptly share an unknown email they believe to be genuine with a security or Windows administrator to assist in determining whether the file is secure.” 

Read More; NCC warns against participating in viral TikTok challenge

What is NCC-CSIRT saying about the cyberattacks?

The NCC-CSIRT aims to raise awareness about cybersecurity and provide the public with general knowledge and tools required for online safety; it has informed Samsung users to update the Galaxy Store application and users should refrain from giving out their sensitive details on any untrusted platforms.

The CSIRT explained that although some of the 450,000 malicious apps have been removed, others are still quite active on the store.

Some active malicious apps are games or investment services designed to infiltrate sensitive user information. They include; Golden Hunt, Reflector, Seven Golden Wolf Blackjack, Unlimited Score, Big Decisions, Jewel Sea, Lux Fruits Game, Lucky Clover, King Blitz, and Lucky.

In addition to the above instructions, the team reported that the cybersecurity analysts at ASEC (South Korea’s cybersecurity emergency response centre) have also unearthed NetSupport RAT malware being dispersed by threat actors from a hacking website under the disguise of a popular Pokemon card game. 

NCC urges Nigerian Samsung users to upgrade their Galaxy Store applications to avoid cyberattacks
NCC urged Nigerian Samsung users to upgrade their Galaxy Store applications before “had I known”
  • The malware is a remote access tool that easily controls its victims’ Personal Computers. It may allow the attackers to remotely control the compromised computer’s mouse and keyboard, access the system’s file management and history and even execute commands allowing them to install additional malware.   
  • According to the researcher, the CRAFTED website that spread the malware is still online. It claims to be home to a new NFT card game built around the Pokemon franchise, offering users strategic fun together with NFT investment profits.

The analysts elucidated how users can be stripped of sensitive information. After the installation and opening of the app, a remote server will automatically be notified and synced on the instructions on what to do next. These instructions will include hacking into pages that will be displayed to unsuspecting users to strip them of their sensitive information.

Read More; NCC Announces Publication of Final Information Memorandum on 3.5GHz Spectrum Auction


Technext Newsletter

Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!

Register for Technext Coinference 2023, the Largest blockchain and DeFi Gathering in Africa.

Technext Newsletter

Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!