Following the constant introduction of malicious apps in Google Play Store, the Nigerian Communications Commission Computer Security Incident Response Team (NCC-CSIRT) advised against the installation of apps from the offending publisher, the “Mobile Apps Group”, whose products have been found to contain Trojan horses and adware harmful to users and their privacy.
The NCC-CSIRT’s advisory on the incident revealed that “Nigeria Computer Emergency Response Team (ngCERT) continued to observe and monitor the constant introduction of malicious mobile apps into Google Play Store.
“Mobile apps Group has a history of distributing malware-infected apps through the Google Play Store, and the current batch of apps have already been downloaded over a million times,” he said.
He listed the rogue apps in this group as Bluetooth auto-connect; Bluetooth app sender; Driver: Bluetooth, Wi-Fi, USB; and Mobile Transfer: Smart Switch.
NCC warns Nigerians against new apps that steal personal data from laptops and cellphones
According to the review:
“Apps will delay the display of advertisements for up to three days after installation to avoid detection. However, once this period passes, the user is bombarded with advertisements and directed to malicious phishing websites in the Chrome browser. When the device is idle, the malicious app can open Chrome tabs in the background. Some of the sites it opens may seem harmless, but they are pay-per-click pages that generate revenue for users. developers when they click on it.
The consequences of installing rogue apps include bombarding the user with advertisements, which will degrade the user experience; theft of sensitive user data; clicking on advertisements leading to stealth download or installation of additional malware and user’s privacy and data being compromised.
These unpleasant consequences can be avoided when users refrain from downloading apps developed by Mobile Apps Group and make sure to read app reviews before installing an app. Other suggested solutions are for users who may have installed any of the identified malicious apps to uninstall them immediately and install an updated anti-malware solution to detect and remove malware.
Defectors seek alternatives to Musk-owned Twitter
The NCC-CSIRT rated the malicious activities of the offending apps as having a high likelihood and potential for harm.
The CSIRT is the telecommunications sector cybersecurity incident center established by the NCC to focus on incidents in the telecommunications sector and as they may affect telecommunications consumers and citizens in general.
CSIRT also works in conjunction with ngCERT, established by the Federal Government to reduce the volume of future cyber risk incidents by preparing, protecting and securing Nigerian cyberspace to prevent attacks and related issues or events.