TheNewsGuru

Tag: Hackers

  • MTN under attack as hackers breach network

    MTN under attack as hackers breach network

    MTN Nigeria on Friday, April 25, confirmed that it was recently targeted in a cyber attack but has moved to calm concerns, assuring customers, partners, and stakeholders that its key systems and customer data were not compromised.

    The telecoms giant in a statement released on Thursday, April 24, revealed that it had detected unauthorized activity within its network, and had acted swiftly to isolate and neutralize the threat.

    The Chief Executive Officer of MTN Nigeria, Karl Toriola disclosed that the attackers had sough to disrupt operation, but their attempts were unsuccessful.

    He emphasized that the incident did not affect Nigeria specifically, and critical infrastructure, including customer information and core business functions, remained secure.

    “We take cybersecurity very seriously and have robust systems in place to detect, isolate, and neutralize threats. Although this attack attempted to breach our defenses, our security protocols worked as intended, and our core infrastructure remains secure,” Toriola stated.

    The telecom giants did not however reveal the nature or origin of the cyberattack on its systems, cybersecurity analysts warn that telecom companies across Africa are becoming prime targets for cybercriminals. This growing threat is linked to the sector’s vast subscriber base and the continent’s rapidly expanding digital economy.

    An internal source within MTN confirmed that the breach did not affect operations in Nigeria, reinforcing the company’s earlier statement that local infrastructure and services remain intact.

    The attack comes at a time when Nigeria is accelerating its digital transformation agenda, an ambitious effort that places increased responsibility on service providers to strengthen their cybersecurity protocols.

    MTN has pledged to work closely with cybersecurity experts and government authorities to conduct a thorough investigation of the incident. The company also affirmed its commitment to bolstering its systems and defenses to prevent future breaches and safeguard customer trust.

  • Simple steps to retrieve hacked WhatsApp in less than 10 minutes

    Simple steps to retrieve hacked WhatsApp in less than 10 minutes

    If your WhatsApp is hacked, you can retrieve it back in less than 10 minutes if you have a good network connection.

    Do not report your number for WhatsApp to block it. Take the recovery simple steps below:

    1. Uninstall the WhatsApp app from your phone.
    2. Go to app store and download it afresh.
    3. Launch the app with the same phone number. Make sure you have the sim card bearing that number which was hacked. A six-digit code will be sent to your phone number via sms.
    4. Enter the six-digit code that WhatsApp sends to you via sms.

    This process logs you into your account immediately, and automatically logs out the hacker.

    If you are asked to provide a two-step verification code, when you did not set up one, it means the individual using your account must have activated a two-step verification code.

    Since you do not have the code, it means you have to wait 7 days again before you can sign in without the two-step verification code.

    Remember that the hacker had been logged out immediately you were logged in with the 6-digit SMS code.

    So the hacker cannot continue any chat with your contacts and they cannot even get access to your WhatsApp account during this period.

  • Hackers seize portable’s Instagram account

    Hackers seize portable’s Instagram account

    Popular Nigerian singer, Habeeb Olalomi Oyegbile, popularly known as  Portable, has lost his official Instagram account to hackers.

    The artiste’s management confirmed the development in a statement on Wednesday.

    They assured that the hacked Instagram account will be retrieved soon.

    According to them, the hackers are impersonating Portable and are likely to be using the account to spread false information, scams, and potentially harmful content.

    The statement partly reads “We regret to inform you that Portable’s official Instagram account has been hacked and taken over by unknown fraudsters. We understand that this incident may cause concern and confusion among our loyal fans, and we want to assure you that we are actively working to resolve this issue,” it said.

    It, therefore, urged fans of the singer to disregard any messages, posts, or requests coming from the compromised account.

  • “Over 6.9 million attacks were recorded on election day” -Prof Pantami

    “Over 6.9 million attacks were recorded on election day” -Prof Pantami

    The Minister of Communications and Digital Economy, Prof Isa Pantami, has revealed that over 6.9 million attacks were recorded on election day (February 25, 2023) alone.

    He noted that no fewer than 12.9 million cyberattacks were recorded from within and outside the country during the just-concluded Presidential and National Assembly polls.

    Disclosing this on Tuesday, Pantami explained that the attacks were successfully blocked owing to the sophisticated infrastructure on the ground by different agencies of government charged with the responsibility of protecting the nation’s cyberspace.

    During this period, a series of hacking attempts were recorded, including Distributed Denial of Service (DDoS), email and IPS attacks, SSH Login Attempts, Brute force Injection attempts, Path Traversal, Detection Evasion, and Forceful Browsing

    While commending President Muhammadu Buhari for providing the enabling environment for agencies of government to perform their assignments without let or hindrances, the Minister stated that in the build-up to the presidential elections, threat intelligence revealed an astronomical increase in cyber threats to Nigeria’s cyberspace.

    “A total of 12,988,978 attacks were recorded, originating from both within and outside Nigeria. It is worth noting that the Centers successfully blocked these attacks and/or escalated them to the relevant institutions for appropriate action,” Pantami said, according to a statement by his media aide, Uwa Suleiman.

    “During this period, a series of hacking attempts were recorded, including Distributed Denial of Service (DDoS), email and IPS attacks, SSH Login Attempts, Brute force Injection attempts, Path Traversal, Detection Evasion, and Forceful Browsing.

    "Over 6.9 million attacks were recorded on election day" -Prof Pantami
    Prof Isa Pantami

    “The parastatals, under the supervision of the Ministry of Communications and Digital Economy, have played a crucial role in providing the enabling environment for the successful conduct of a credible, free, fair, and transparent election.”

    He also commended the cybersecurity centre established under his Ministry, including the National Information Technology (NITDA)’s Computer Emergency Readiness and Response Team (CERRT), the Nigerian Communications Commission (NCC)’s Computer Security Incident Response Team (CSIRT), and Galaxy Backbone (GBB)’s Security Operations Centre (SOC) for a job well done.

  • Hackers make 66 attempts to compromise Nigeria’s FEC meeting

    Hackers make 66 attempts to compromise Nigeria’s FEC meeting

    Hackers from Europe made 66 attempts to compromise the virtual meetings of Nigeria’s Federal Executive Council (FEC); attempts that were foiled, according to the federal government.

    TheNewsGuru.com (TNG) reports Minister of Communications and Digital Economy, Isa Pantami revealed this in Abuja at the 19th edition of the President Muhammadu Buhari (PMB) Administration Scorecard Series (2015-2023).

    The scorecard series was organised by the Ministry of Information and Culture to showcase the achievements of the Buhari’s administration.

    Presenting the scorecards of his ministry, Pantami said since the unveiling of the National Policy on Virtual Engagements for Federal Public Institutions in October, 2020, not less than, 108 virtual FEC meetings had been held.

    He said from the 108 virtual FEC meetings held, 66 attacks to compromise the meetings were made from Europe but all were failed.

    The minister said all the cases were reported to the appropriate authorities for the record and actions.

    He recalled that the National Policy on Virtual Engagements was launched to formalise government online meetings such as FEC and Council of State meetings.

    The minister said that with the policy developed with the office of the Head of Service of the Federation, government’s virtual meetings could be held effectively and legally.

    He said the implementation of the virtual meetings had saved the country over N47 billion which could have been used if they were held physically.

    The minister also disclosed that in line with Buhari’s vision to lift millions of Nigerians out of poverty, not less than 2.2 million jobs had been created in the digital sector in the past three years.

    He said the feat was achieved in the sector by the implementation of the Executive Orders signed by the President to priotise indigenous content as well as indigenous professional in the execution of national projects.

    Pantami said in the execution of jobs, planning and design of projects as well as appointments of key officials in the digital sector of the country priorities were given  to indigenous professionals.

    He said his ministry also priotised the execution of programmes and projects that could generate direct and indirect jobs.

  • How Hackers stole $11m from Nigeria, others

    How Hackers stole $11m from Nigeria, others

    A gang of hackers, OPERA1ER, has stolen at least $11m from companies in Nigeria, Benin, Cameroon, 11 other African countries, and Argentina.

    This is according to a new report from Group-IB, a cybersecurity firm, entitled, “OPERA1ER: Playing God without permission,” in collaboration with the researchers from Orange CERT Coordination Center.

    The firm disclosed that digital forensic artifacts analyzed by it and Orange followed more than 30 successful intrusions of the gang between 2018 and 2022.

    The company’s data revealed that companies in Ivory Coast were the most targeted.

    It said this helped it to trace affected organizations in Ivory Coast, Mali, Burkina Faso, Benin, Cameroon, Bangladesh, Gabon, Niger, Nigeria, Paraguay, Senegal, Sierra Leone, Uganda, Togo, and Argentina.

    It added that while it estimated that the gang stole $11m, it could have actually stolen as high as $30m.

    It stated, “The report takes a deep dive into financially motivated attacks of the prolific French-speaking threat actor, codenamed OPERA1ER.

    “Despite relying solely on known ‘off-the-shelf’ tools, the gang managed to carry out more than 30 successful attacks against banks, financial services, and telecommunication companies mainly located in Africa between 2018 and 2022. OPERA1ER is confirmed to have stolen at least $11m, according to Group-IB’s estimates.

    “One of OPERA1ER’s attacks involved a vast network of 400 mule accounts for fraudulent money withdrawals. Researchers from the Group-IB European Threat Intelligence Unit identified and reached out to 16 affected organizations so they could mitigate the threat and prevent further attacks by OPERA1ER.”

    According to the firm, the report was completed in 2021 when the threat actor was active. Head of cyber threat research at Group-IB Europe, Rustam Mirkasymov, said, “Detailed analysis of the gang’s recent attacks revealed an interesting pattern in their modus operandi: OPERA1ER conducts attacks mainly during the weekends or public holidays.

    “It correlates with the fact that they spend from 3 to 12 months from the initial access to money theft. It was established that the French-speaking hacker group could operate from Africa. The exact number of the gang members is unknown.”

  • Russian hackers block Bulgarian Government Websites

    Russian hackers block Bulgarian Government Websites

     

    Russian hackers have paralysed a series of Bulgarian government websites in a large-scale cyberattack, an investigator said on Saturday.

    The websites of the president, the government, key ministries and the Constitutional Court in Bulgaria were rendered inaccessible or were only able to run slowly if at all, according to official sources.

    “The hacking attack came from the territory of the Russian Federation,” said the head of Bulgaria’s investigation agency, Borislav Sarafov.

    “This is an attack on the Bulgarian state,” said prosecutor general, Ivan Ghev, who described it as a “serious problem.”

    “As part of the European family, Bulgaria defends European values,” he said, adding that it is “normal” that this also has consequences.

    Meanwhile, Bulgaria is providing Ukraine with humanitarian support as Russia continues to wage war with the country. Bulgaria is also taking in Ukrainians who are fleeing the war.

    However, the cyberattack on Bulgarian institutions did not affect any content or personal data, the Ministry of Digital Affairs said, adding that the attacks had been halted.

  • NCC alerts on latest trick hackers use to unlock, steal vehicles

    NCC alerts on latest trick hackers use to unlock, steal vehicles

    The Nigerian Communications Commission (NCC) has alerted telecom consumers and members of the public on an ongoing cyber-vulnerability which allows a nearby hacker to unlock vehicles, start their engines wirelessly and make away with them.

    The NCC’s Director of Public Affairs (DPA), Dr Ikechukwu Adinde, made this known in a statement on Sunday in Abuja.

    Adinde quoted the latest advisory released by the Computer Security Incident Response Team (CSIRT) established by the NCC, as saying:

    “The fact that car remotes were categorised as short-range devices that make use of Radio Frequency (RF) to lock and unlock cars informed the need to alert Nigerians on this emergent danger.

    “The vulnerability is a Man-in-the-Middle (MitM) attack or, more specifically, a replay attack in which an attacker intercepts the RF signals normally sent from a remote key fob to the car.

    “It manipulates these signals and re-sends them later to unlock the car at will.

    “With this latest type of cyber-attack, it is also possible to manipulate the captured commands and re-transmit them to achieve a different outcome altogether.

    “Multiple researchers disclosed a vulnerability, which is said to be used by a nearby attacker to unlock some Honda and Acura car models and start their engines wirelessly.

    “The attack consists of a threat actor capturing the RF signals sent from your key fob to the car and resending these signals to take control of your car’s remote keyless entry system,” the advisory stated.

    He, however, said that the NCC-CSIRT, in the advisory, had offered some precautionary measures or solutions that could be adopted by car owners to prevent falling victim.

    According to the cyber-alert unit of the commission, when affected, the only mitigation is to reset your key fob at the dealership.

    “Besides, the affected car manufacturer may provide a security mechanism that will generate fresh codes for each authentication request, this makes it difficult for an attacker to ‘replay’ the codes thereafter.

    “Additionally, vulnerable car users should store their key fobs in signal-blocking ’Faraday pouches’ when not in use.”

    He advised car owners in these categories to choose Passive Keyless Entry (PKE) as opposed to Remote Keyless Entry (RKE), which would make it harder for an attacker to read the signal due to the fact that criminals would need to be at close range to carry out their nefarious acts.

    He explained that the PKE is an automotive security system that operates automatically when the user is in proximity to the vehicle, unlocking the door on approach or when the door handle is pulled.

    He also said that the user locks it when walking away or touches the car on exit.

    He added that the RKE system, on the other hand, represents the standard solution for conveniently locking and unlocking a vehicle’s doors and luggage compartment by remote control.

    In a related advisory, he said that the NCC, based on another detection by CSIRT, wishes to inform the general public about the resurgence of Joker Trojan-Infected Android Apps on Google Play Store.

    “This arose due to the activities of criminals who intentionally download legitimate apps from the Play Store, modify them by embedding the Trojan malware and then uploading the app back to the Play Store with a new name.

    “The malicious payload is only activated once the apps goes live on the Play Store, which enables the apps to scale through Google’s strict evaluation process.

    “Once installed, the apps request for permissions that once granted, enable the apps to have access to critical functions such as text messages and notifications.

    “As a consequence, a compromised device will subscribe unwitting users to premium services, billing them for services that do not exist. A device like this can also be used to commit Short Messaging Service (SMS) fraud while the owner is unaware,” he said.

    Adinde said that the app could click on online ads automatically and even use SMS One-Time Password (OTPs) to secretly approve payments without checking bank statements.

    He said that the user would be unaware that he or she had subscribed to an online service.

    He further said that other actions, such as stealing text messages, contacts, and other device data, were also possible.

    He cautioned that to avoid falling victim to this manipulation, Android users should avoid downloading unnecessary apps or installing apps from unofficial sources.

    According to him, the NCC also advises telecom consumers to ensure that apps installed from the Google Play Store are heavily scrutinised by reading reviews, assessing the developers, perusing the terms of use and only granting the necessary permissions.

    “The commission recommends that unauthorised transactions be checked against any installed app.

    “Indeed, any apps not in use should be deleted while users are also advised to ensure that a device is always patched and updated to the latest software,” he said.

  • Signs your phone may have been hacked

    Signs your phone may have been hacked

    Hackers are on the prowl, and while they might be far away, they can be closer than you can imagine.

    Smart hackers don’t get caught, but then, there are ‘our village people’ hackers, who will hold your phone just to get access into your social media accounts or email addresses.

    Smart hackers can break into your device, steal everything they can, and finish without a trace.

    Sometimes they leave a trail of destruction in their wake – malware, weird ads, confused relatives, and even a drained bank account or stolen identity.

    In our clime, smartphones are mostly vulnerable to cyber-criminals. So what if they’ve already broken in, yet you don’t even know they are there?

    Here are clear-cut signs that you have been hacked.

    Programs and apps start crashing

    Now, here is a clear sign that your phone has been hacked. If apps are either crashing or disabled, a nasty virus has likely taken hold of your critical files.

    You may not be able to click on once-reliable apps. In the worst case scenario, ransomware may prevent you from opening your favorite files.

    Your gadget suddenly slows down

    One of the side-effects of malicious software is a slow gadget. Apps get sluggish, or constantly freeze, or even crash. If you start noticing some of these symptoms, your phone may very well have been hacked.

    Malicious software usually runs in the background, secretly eating up your gadget’s resources while it’s active.

    You start seeing strange pop-up ads

    Malware can also add bookmarks that you don’t want, website shortcuts to your home screen that you didn’t create, and spammy messages that entice you to click through. Apart from slowing down your gadget and eating away at your data, these intrusive notifications can also install more malware on your system.

    Criminals can also hijack your phone to modify the ads that you see while browsing. Instead of the regular ads that you should be getting, they can be replaced with inappropriate or malicious ones.

    You’re using way more data than usual

    Every Internet provider has tools that can keep track of your monthly bandwidth consumption. Look at data usage and compare the amount of data used from the prior months. If you notice sudden spikes in your data activity even though you haven’t changed your patterns, then chances are you are infected.

    For example, adware infected gadgets usually perform unsolicited clicks in the background to generate profit for cybercriminals. These stealthy tactics use up bandwidth and the unauthorized data they consume should be fairly easy to spot.

    Unexplained online activity on your device

    Hackers covet your usernames and passwords. These details, coupled with social engineering tricks, can gain access to your banking accounts, your social media profiles, and your online services.

    Keep an eye on your email’s “sent” folder and on your social network posts. If you notice emails and posts that you don’t remember sending or posting, it’s likely that you have been hacked.

    Constantly check your accounts for unauthorized activities.

    Strange 2-factor authentication attempts

    Someone might be sitting miles away and initiating a process to hack into your social media accounts or email addresses. If your accounts are protected with two factor authentication, the account will immediately alert you. If you received strange two factor authentication attempts and you granted access, your account must have been compromised.

    Your gadget suddenly restarts

    Automatic restarts are part of normal computer life. Software updates and new application installs can prompt you to reboot your computer. Your system will warn you when these happen, and you can delay or postpone them. Yet sudden restarts are a different story.

    Watch out for these signs and always keep safe with your digital life.