NCC alerts Nigerians that the Google Play Store has been infiltrated with “hiddenads” malware
The Nigerian Communications Commission (NCC)’s Security Incident Response Team (NCC-CSIRT) has identified HiddenAds as a new malware threat that has entered Google Play Store and has the potential to compromise user privacy as well as negatively affect device performance.
The virus was first discovered by the McAfee Mobile Research Team, and according to NCC-August CSIRT’s 8 advisory, its likelihood of spreading and potential for damage are both high. Several device cleansers or optimization apps that were infected with malware were found in the Google Play Store.
“It can start harmful services after installation without the user accessing the app. Additionally, it bombards the user with pointless advertising. The NCC security team cautioned that the apps had between 100,000 and over one million downloads.
This comes right after the federal government praised the Nigerian Communications Commission’s leadership for the organization’s remarkable achievements, which have helped Nigeria gain a remarkable international reputation and put the telecom regulator at the forefront of the country’s efforts to achieve forward-looking national economic growth.
Dr. William Alo, the Permanent Secretary of the Ministry of Communications and Digital Economy, made this statement recently when he met with the NCC management team, which was led by Professor Umar Garba Danbatta, the Executive Vice Chairman of the Commission, who gave him an update on the state of the sector following his recent appointment to the Ministry.
“So far, so good. Everyone in the nation and abroad is fully aware of the NCC’s strategic significance as a regulatory organization for the Nigerian telecommunications industry. As the country works to diversify its economy,” Alo added, “We also know that nowadays, between oil and communications, the latter is gradually taking over in terms of providing the country with revenue.”
He asserted that it is true that the quality of service has significantly improved over the past few years and that the Commission deserves praise for its efforts in this regard.
Danbatta, who attended the briefing with a team that included two executive commissioners and directors of the Commission, listed achievements made since 2015 in terms of teledensity, broadband penetration, and the industry’s significant contribution to GDP, which increased from 8.5% in the fourth quarter of 2015 to 12.61% in the fourth quarter of 2021. Over the same period, the sector also attracted more than $2 billion in foreign direct investment.
The warning claims that Junk Cleaner, EasyCleaner, Power Doctor, Carpet Clean, Super Clean, Meteor Clean, Strong Clean, Windy Clean, Fingertip Cleaner, Keep Clean, Full Clean – Clean Cache, Quick Cleaner, and Cool Clean are all aliases for the app HiddenAds.
“Whether the user has accessed the app or not, a malicious service is automatically installed on the device when a user installs any of the aforementioned apps. The app will then make an effort to blend into the app tray by switching to the well-known Google Play icon, according to the advisory. Its name will also change to “Setting” or “Google Play. After then, a barrage of misleading advertisements would dramatically degrade the user experience on the device.
Additionally, it warned that using the hacked software would cause “severe device performance degradation, risk stealth downloads/installation of additional malware, risk of users accidentally subscribing to services and incurring monthly charges, and risk to users’ privacy.”
Users should avoid downloading dubious apps or apps “they are unsure about,” and those who have installed any malicious apps should remove them right away, according to NCC-CSIRT. It also stated that “where the malicious app’s icon and name have changed, it can be identified by the fact that it is removable while the legitimate Google Play app cannot be uninstalled.”
Installing anti-virus/anti-malware software with a track record for identifying and eradicating malware was advised by the NCC security team.
The NCC established the CSIRT as the telecom industry’s cybersecurity incident center to focus on incidents that may have an impact on telecom users and the general public.