The National Information Technology Development Agency (NITDA), alerted Nigerians to a global threat posed by an advanced banking malware, Grandoreiro, which is spreading through sophisticated phishing campaigns.
In an advisory issued on Monday by its Computer Emergency Readiness and Response Team (CERRT), NITDA described Grandoreiro as a major cyber threat employing advanced techniques such as screen overlay attacks and remote device control to steal sensitive data, including banking credentials and personal information.
The agency explained that the malware is distributed via phishing emails and fraudulent websites, tricking victims into downloading malicious software disguised as legitimate updates or documents.
“Once installed, Grandoreiro bypasses security controls, granting attackers unauthorised access to users’ devices.
This poses a significant risk to individuals and businesses, potentially leading to financial losses and identity theft,” the advisory noted.
To counter the threat, NITDA advised the public to exercise vigilance and adopt preventive measures.
“Cyber threats like Grandoreiro are continually evolving, and users must remain proactive in securing their information,” the agency stated.
NITDA’s recommendations include: Avoiding links and attachments from suspicious emails, downloading software only from trusted and verified sources, enabling multifactor authentication for banking and financial accounts, keeping antivirus software updated, refraining from conducting financial transactions over public Wi-Fi, and regularly monitoring bank accounts for unauthorised activities.
The agency stressed that adopting these practices is critical to mitigating risks and protecting sensitive financial information from cybercriminals.
