Nov 28, 2021

Mawazo Writing Africa

Writing about the main

7 Crucial Safety Tips as NCC Cries Out Over Iranian Hacking Group Targeting Nigerian Telcos

The Nigerian Communications Commission (NCC) has informed the public of the existence of another group of hackers who are planning a series of deadly cyber espionage on the African telecommunications network not only in the country but throughout Africa.

According to the Commission, the attack is carried out by sophisticated malware in the most recent politically motivated attacks targeting cyber espionage.

It has been announced that details of this cyber attack are included in the latest recommendation from the Nigerian Computer Emergency Response Team (ngCERT), which rates the likelihood and damage level of the new malware as high.

As included in the advisory, the hacking group is known to be focused on infiltrating the networks of telecommunications companies and ISPs.

The explanation of the N CC partially read:

“By the way the attacker worked, the initial attack of the Lyceum ht-vectors include credential stuffing and brute force attacks. Once a victim’s system is compromised, the attackers monitor certain targets. In this mode, Lyceum attempts to deploy two different types of malware: Shark and Milan (collectively known as James).

“Both malware are backdoors. Shark, a 32-bit executable in C # and. NET , generates a configuration file for Domain Name System (DNS) tunneling or Hypertext Transfer Protocol (HTTP) C2 communication; while Milan – a 32-bit Remote Access Trojan (RAT) retrieves data.

“Both are in the Able to communicate with the group’s command and control servers (C2). The APT maintains a C2 server network that connects to the group’s back doors, made up of over 20 domains, including six that were not previously associated with the threat actors.

“Individual accounts at, according to reports Businesses of interest are usually targeted and once these accounts are cracked they are used as a springboard for spear phishing attacks against high-level executives of a company -party company, but once compromised, threat actors or their sponsors can those industries as well to monitor interested persons.

“However, in order to protect themselves against this type of threat, the NCC would like to repeat once again reports that telecommunications companies and ISPs need several layers of security in addition to constant network monitoring in order to prevent potential attacks fend off. “

The Commission warned telecommunications consumers and the general public to follow these security measures:

  1. Ensure that firewalls (software, hardware and cloud firewalls) are used consistently.
  2. Enable a web application firewall to detect and prevent web application attacks by scanning HTTP traffic.
  3. Install up-to-date antivirus programs to detect and prevent a wide variety of malware, Trojans and viruses APT hackers use to exploit your system.
  4. Implement the use of intrusion prevention systems to monitor your network.
  5. Create a secure sandboxing environment that suits you allows you to open and run untrusted programs or codes without harming your operating system.
  6. Make sure you are using a virtual private network (VPN) to have an easy opportunity for Prevent APT hackers from gaining initial access to your company’s network.
  7. Activate spam and malware protection for your e-mail applications and inform your employees about potentially harmful e-mails .

No more renewals, NCC gives Nigerians a final warning not to link their SIM cards with NIN

In the meantime the NCC had urgently warned Nigerians to link their Subscriber Identity Modules (SIM) cards to their National Identity Numbers (NIN) before the deadline on Sunday, October 31st.

According to the commission, those who still adhere to them will no longer be able to use their lines after the deadline.

NCC issued this warning in a statement upon completion the second edition of the Telecommunications Consumer Town Hall radio program on Wednesday.