In an advisory released on Monday, the agency stated that this emerging threat tricks Facebook users into clicking on malicious links disguised as job advertisements.
Subsequently, it gains unauthorised access to users’ sensitive information and extracts their data for potential attacks.
The agency stated, “A new threat, known as “Ov3r_Stealer” malware, has emerged, targeting users on Facebook, spreading through deceptive job advertisements and fake accounts.
“Users become infected by clicking on these malicious advertisement links. The malware employs various execution methods to extract sensitive data from victims.
“The Ov3r_Stealer malware can also be used as a dropper for other malware, including ransomware.”
NITDA further highlighted that upon clicking the advertisement, users are redirected to a malicious Discord URL.
This URL initiates the malware through a PowerShell script, cleverly disguised as a Windows Control Panel file, leading to the download of the malware payload from a GitHub repository.
“Ov3r_Stealer poses a significant risk by silently exfiltrating a wide range of personal and sensitive information including geolocation (based on IP), hardware info, passwords, cookies, credit card information, auto-fills, browser extensions, crypto wallets, Office documents, and antivirus product information.
“This data is subsequently transmitted to a Telegram channel where it is possibly sold or used for phishing attacks,” NITDA added.
To enhance protection against these attacks, NITDA recommends that Nigerians constantly update their apps. Additionally, caution is advised for Facebook users, particularly when interacting with advertisement links on social media platforms.
The agency emphasises the importance of regularly updating antivirus software on users’ systems to stay vigilant against new and evolving threats in the cyber landscape.
A report in December 2023 revealed that an average of 411,000 malicious files were being sent every day last year, signifying a three per cent increase from what was sent in 2022.