Back

NITDA Issues Urgent Warning on AI Malware DeepLoad Targeting Nigeria

Severity: High (Score: 69.9)

Sources: Punchng, Arise.Tv, Thecondia, Allafrica, Tvcnews.Tv

Summary

The National Information Technology Development Agency (NITDA) has issued a critical alert regarding a new AI-powered malware named DeepLoad, which is actively targeting Nigerian government agencies, financial institutions, businesses, and individuals. The malware employs social engineering tactics, specifically fake website error messages, to trick users into executing malicious commands. Once activated, DeepLoad installs itself silently and begins harvesting sensitive data, including passwords and financial information, while evading traditional antivirus detection. Notably, it features a hidden persistence mechanism that can reactivate the infection up to three days after removal attempts. NITDA has emphasized the urgency of implementing protective measures to mitigate the risk of identity theft and operational disruptions. The agency's advisory highlights the malware's potential to compromise classified data and national security infrastructure. Immediate action is advised for all affected entities to prevent successful infections. Key Points: • DeepLoad malware targets Nigerian government agencies, banks, and individuals. • It spreads through social engineering, tricking users with fake website error messages. • The malware can reactivate itself days after removal, posing a significant risk.

Key Entities

  • Data Breach (attack_type)
  • Malware (attack_type)
  • Corporate Affairs Commission (company)
  • Economic And Financial Crimes Commission (company)
  • Remita (company)
  • Remita Payment Services (company)
  • Sterling Bank (company)
  • Nigeria (country)
  • CWE-200 - Exposure of Sensitive Information (cwe)
  • cerrt.ng (domain)
  • forest-entityl.cc (domain)
  • Financial (industry)
  • Government (industry)
  • DeepLoad (malware)
  • T1003 - OS Credential Dumping (mitre_attack)
  • T1041 - Exfiltration Over C2 Channel (mitre_attack)
  • T1047 - Windows Management Instrumentation (mitre_attack)
  • T1059.001 - PowerShell (mitre_attack)
  • T1566 - Phishing (mitre_attack)
  • Windows (platform)
  • Windows Management Instrumentation (tool)
  • PowerShell (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed