Close Menu
Innovation Village | Technology, Product Reviews, Business
    Facebook X (Twitter) Instagram
    Sunday, May 18
    • About us
      • Authors
    • Contact us
    • Privacy policy
    • Terms of use
    • Advertise
    • Newsletter
    • Post a Job
    • Partners
    Facebook X (Twitter) LinkedIn YouTube WhatsApp
    Innovation Village | Technology, Product Reviews, Business
    • Home
    • Innovation
      • Products
      • Technology
      • Internet of Things
    • Business
      • Agritech
      • Fintech
      • Healthtech
      • Investments
        • Cryptocurrency
      • People
      • Startups
      • Women In Tech
    • Media
      • Entertainment
      • Gaming
    • Reviews
      • Gadgets
      • Apps
      • How To
    • Giveaways
    • Jobs
    Innovation Village | Technology, Product Reviews, Business
    You are at:Home»Cybersecurity»NCC warns: a new malware steals Telegram users’ data without two-factor authentication
    Hacker

    NCC warns: a new malware steals Telegram users’ data without two-factor authentication

    1
    By Smart Megwai on November 23, 2022 Cybersecurity, Social Media, Telegram

    The Nigerian Communications Commission through its Computer Security Incident Response Team has reported a new way hackers use to attack people’s social media accounts.

    According to a discovery made by Ukrainian cyber experts, the attack originated from suspected Russian threat actors that compromises  victims’ VPN (Virtual Private Network) accounts to access and encrypt networked resources.

    The Researchers claim the attack which uses Vidar Malware (Vidar Stealer) to steal Telegram session data, which in the absence of configured two-factor authentication and a passcode, allows unauthorized access to the victim’s telegram account and corporate account or network.

    Based on this, NCC is advising Telegram users in Nigeria to enable the Two-Factor authentication (2FA) security to protect their accounts and to avoid downloading unknown Advanced IP Scanner Software.

    Five Reasons Why You Should Activate Two-Factor Authentication

    Vidar Stealer is a malware specialized in stealing information mainly distributed as spam mail or crack version commercial software and keygen program. For those curious, you can learn more about the malicious application which aims at stealing banking and crypto wallets information, as well as other login credentials, IP addresses and browsing history.

    The Ukrainian Computer Emergency Response Team (CERT) has claimed that a Somnia Ransomware was developed specifically for use on Telegram in an attempt to fool users into downloading an installer that seems to be ‘Advanced IP Scanner’ software but actually includes Vidar Malware. The Vidar stealer is installed by the installer, which then steals the victim’s Telegram session data in order to take over the account.

    “The threat actors abuse the victim’s Telegram account in some unspecified manner to steal VPN connection data (authentication and certificates). If the VPN account is not protected by two-factor authentication passcode, the hackers use it to gain unauthorized access to the victim’s employer’s corporate network”, the alert and advisory states.

    “Once inside, the intruders conduct reconnaissance work using tools like Netscan, Rclone, Anydesk, and Ngrok, to perform various surveillance and remote access activities, and then deploy a Cobalt Strike beacon, exfiltrating data using the Rclone program,” it added.

    The CSIRT is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.

    The CSIRT also works collaboratively with ngCERT, established by the Federal Government to reduce the volume of future computer risk incidents by preparing, protecting, and securing Nigerian cyberspace to forestall attacks, and problems or related events.

    Related

    Android target for mobile malware CYbersecurity Nigerian Communications Commission (NCC) Telegram
    Share. Facebook Twitter Pinterest LinkedIn Email
    Smart Megwai
    • Facebook
    • X (Twitter)
    • Instagram
    • LinkedIn

    Smart is a Tech Writer. His passion for educating people is what drives him to provide practical tech solutions which helps solve everyday tech-related issues.

    Related Posts

    Threads Adds Profile Links and Click Tracking

    TikTok Unveils ‘AI Alive’ to Breathe Life into Your Photos

    Android Boosts Safety with Smarter Scams Protection and Find Hub

    1 Comment

    1. Pingback: NCC warns Android device owners of yet another dangerous malware, Schoolyard Bully Trojan - Innovation Village | Technology, Product Reviews, Business

    Leave A Reply Cancel Reply

    You must be logged in to post a comment.

    Copyright ©, 2013-2024 Innovation-Village.com. All Rights Reserved

    Type above and press Enter to search. Press Esc to cancel.