NITDA Issues Warning on Advanced AI-Powered Malware DeepLoad
The National Information Technology Development Agency (NITDA) has issued a critical security alert regarding a new artificial intelligence-driven malware called DeepLoad. This threat is reportedly targeting government agencies, financial institutions, businesses, and individuals throughout Nigeria.
The agency disseminated this warning via its Computer Emergency Response Team account on X, highlighting the escalating trend of cyber-attacks on Nigerian organizations.
DeepLoad represents a particularly sophisticated strain of malware designed to infiltrate systems and steal sensitive information while evading standard antivirus software. It relies on social engineering, particularly fraudulent website error messages that deceive users into executing harmful commands.
NITDA emphasized that the malware is primarily distributed through these misleading techniques, which can convince individuals to take actions detrimental to their data security.
Once activated, DeepLoad quietly installs itself on the targeted device and begins extracting stored credentials and sensitive data from popular web browsers. It employs artificial intelligence methods to avoid detection and maintain its malicious activities.
The agency further noted that DeepLoad possesses a persistence mechanism that complicates removal efforts. This malware can reactivate itself as soon as three days after it seems to have been eradicated, posing a continual threat.
NITDA underscored the seriousness of this situation and urged immediate protective measures. The agency cautioned all organizations and individuals in Nigeria to implement the recommended security measures set out in its advisory.
Infected organizations could face significant disruptions, including system outages and lengthy recovery processes. A breach involving government networks could jeopardize sensitive data and undermine national security infrastructure.
To mitigate the risk of infection, NITDA advised users against executing commands from unfamiliar websites, as legitimate software providers do not require such actions. Additionally, users are cautioned against installing software from unverified USB drives and are encouraged to scan all external storage devices before use.
Other critical preventative measures include enabling two-factor authentication on important accounts, refraining from saving banking passwords in browsers, monitoring browser extensions for suspicious activity, blocking known malicious domains at the firewall and DNS level, and activating advanced logging tools on Windows systems.
Organizations are advised to provide employee education on the matter, closely monitor systems for hidden persistence mechanisms, and promptly isolate any suspected infected devices. NITDA concluded that incidents should be reported without delay, affected systems should be disconnected from the internet, passwords reset from secure devices, and internal response teams activated within hours to effectively manage the threat.
