Nigeria’s digital space is facing a fresh cyber security threat as the National Information Technology Development Agency (NITDA) warned Nigerians about a dangerous AI-powered malware called DeepLoad malware.
The agency issued the alert through its Computer Emergency Readiness and Response Team (CERRT.NG) on May 6. The warning followed rising cyber attacks affecting government agencies, businesses, banks, and individuals across the country.
According to NITDA, the DeepLoad malware uses artificial intelligence to avoid detection while stealing sensitive information from infected systems. The agency explained that attackers spread the malware through fake website prompts designed to deceive users into running harmful commands on their computers.
In its advisory, NITDA stated that “The malware is distributed through a social engineering technique involving fake website error.”
The agency added that once the DeepLoad malware enters a system, it quietly installs itself and begins harvesting passwords, browser credentials, and private data from users.
NITDA further disclosed that the malware can remain active even after removal attempts. The agency explained that DeepLoad uses a hidden Windows Management Instrumentation mechanism that can reactivate the infection days later.
“Critically, the malware incorporates a hidden WMI-based persistence mechanism capable of reactivating the infection up to three days after apparent removal,” the advisory noted.
Why the DeepLoad malware worries experts
NITDA said the AI-powered malware poses serious risks to both organisations and individuals in Nigeria. The agency warned that cybercriminals could use stolen information to gain access to bank accounts, payment systems, and mobile money platforms.
In addition, the malware could expose personal documents, passwords, and sensitive business information stored on browsers and devices.
The agency also warned that attacks involving the DeepLoad malware could disrupt operations in companies and government institutions. Furthermore, NITDA noted that successful breaches may threaten classified government networks and national security systems.
Because of the growing threat, the agency urged Nigerians to avoid copying commands from suspicious websites into their computers. NITDA stressed that trusted software providers do not request such actions from users.
The agency also advised people against opening suspicious installation files from USB devices without scanning them first.
NITDA urges stronger cyber security steps
As part of its recommendations, NITDA encouraged Nigerians to activate two-factor authentication on important accounts and avoid saving banking passwords on browsers.
For organisations, the agency advised companies to educate workers immediately about the DeepLoad malware threat. It also recommended monitoring browser extensions and enabling PowerShell Script Block Logging across Windows systems.
NITDA additionally urged institutions to block suspicious domains linked to the malware and investigate hidden WMI Event Subscriptions that may keep infections active.
The agency stressed that organisations suspecting attacks should disconnect affected systems from the internet immediately and change passwords using clean devices.
NITDA concluded the advisory by urging institutions to activate their incident response teams and report cyber incidents within 72 hours as required by law.
I am passionate about crafting stories, vibing to good music (and making some too), debating Nigeria’s political future like it’s the World Cup, and finding the perfect quiet spot to work and unwind.
No Comments