- NITDA has raised concerns over DeepLoad, an AI-based malware.
- The malware is specifically targeting Nigerian entities including businesses and government.
- Immediate protective measures are essential to combat this threat.
The National Information Technology Development Agency (NITDA) has issued a severe warning about a new and dangerous artificial intelligence-powered malware identified as DeepLoad. This malware poses significant risks to Nigerian businesses and government agencies alike.
The advisory, released on May 6, emphasizes the growing concern surrounding this malicious software, highlighting its ability to infiltrate computer systems, steal sensitive information, and bypass conventional antivirus solutions. The agency disclosed critical information through its Computer Emergency Readiness and Response Team (CERRT.NG) and communicated these findings via its official X account.
DeepLoad utilizes advanced artificial intelligence techniques to execute its damaging functions. According to NITDA, the malware cleverly infiltrates systems by exploiting deceptive website prompts that lure users into running malicious commands unknowingly. The agency described a social engineering tactic in which fake website error messages are deployed to facilitate the malware's distribution.
Once activated, DeepLoad embeds itself within the infected systems and commences the stealthy collection of credentials and other sensitive data from major web browsers. The agency stated, “Once executed, DeepLoad silently installs itself, harvests stored credentials and sensitive data from major browsers, and leverages artificial intelligence to evade antivirus detection.”
One of the most alarming characteristics of DeepLoad is its persistence; it has the potential to remain in a system even after attempts at removal. NITDA revealed that the malware employs a hidden Windows Management Instrumentation (WMI)-based method that can reactivate the infection days after initial eradication efforts.
In light of this significant threat, NITDA urges both individuals and organizations to respond immediately. The agency highlighted the potentially severe consequences of a DeepLoad infection, which could lead to unauthorized access to financial accounts, mobile money services, and sensitive personal documents.
To safeguard against this rapidly evolving cyber threat, NITDA advises Nigerians to avoid executing commands suggested by suspicious websites. Users should also steer clear of opening dubious files like “Chrome Setup” or “Firefox Installer” from USB drives unless verified, and always scan external storage for malware before using it.
Additionally, NITDA recommends enabling two-factor authentication on critical accounts and avoiding the storage of banking passwords in web browsers. Organizations are prompted to educate their staff about DeepLoad and implement security best practices including the blocking of specific malicious domains.
For institutions facing potential infections, immediate disconnection from the internet and the changing of all passwords on clean devices are crucial steps. It is imperative that suspected incidents be reported to NITDA within 72 hours, as required by law, in order to mitigate risks and recover from infections effectively.
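For the WMI-based persistence NITDA describes, one check responders can run on a suspect Windows host is to list permanent WMI event subscriptions that execute code. This is an added example, not part of NITDA's advisory; it assumes the persistence takes the form of a permanent event subscription in the `root\subscription` namespace, which the advisory does not specify.

```powershell
# Added example: audit permanent WMI event subscriptions on a Windows host.
# Run from an elevated PowerShell session.
# Assumption: the persistence lives in root\subscription (not stated by NITDA).
$ns = 'root\subscription'

# Triggers (WQL queries) and the bindings that tie each trigger to an action.
$filters  = Get-CimInstance -Namespace $ns -ClassName __EventFilter
$bindings = Get-CimInstance -Namespace $ns -ClassName __FilterToConsumerBinding

# Only the two standard consumer classes that can run commands or scripts.
$consumers = foreach ($class in 'CommandLineEventConsumer', 'ActiveScriptEventConsumer') {
    Get-CimInstance -Namespace $ns -ClassName $class
}

# Join each binding to its filter and consumer so trigger and action show together.
$report = foreach ($b in $bindings) {
    $f = $filters   | Where-Object { $_.Name -eq $b.Filter.Name }
    $c = $consumers | Where-Object { $_.Name -eq $b.Consumer.Name }
    if (-not $c) { continue }   # bound to a consumer type that does not execute code

    [pscustomobject]@{
        Filter   = $f.Name
        Query    = $f.Query
        Consumer = $c.Name
        Type     = $c.CimClass.CimClassName
        Action   = if ($c.CommandLineTemplate) { $c.CommandLineTemplate } else { $c.ScriptText }
    }
}

if ($report) {
    # Review every entry against known-good management or monitoring software.
    $report | Format-List
} else {
    Write-Output 'No command-line or script WMI event consumers are bound to a filter.'
}
```

Entries that cannot be attributed to installed management software should be preserved as evidence and included in the incident report before they are removed.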
Why This Matters
The emergence of DeepLoad underscores the increasing sophistication of cyber threats faced by organizations in Nigeria, necessitating proactive cybersecurity measures to safeguard sensitive information.
