NITDA alerts Nigerians on new email-based attack from Solarwindhackers

The National Information Technology Development Agency (NITDA) is warning that Microsoft has uncovered a widespread malicious email campaign undertaken by the hacking group- NOBELIUM.

The cybercriminals leveraged the legitimate mass-mailing service, to masquerade as a US-based development organisation and distribute malicious URLs to a wide variety of organisations especially government organisations, non-government organizations (NGOs), think-tanks, military, IT service providers, health technology and research, and telecommunications providers.

“Their antics involve the use of emails claiming to be an alert from USAID about new documents published by former President Donald Trump about “election fraud,” NITDA reveals in a statement by Head, Corporate Affairs and External Relations, Mrs. Hadiza Umar.

Once users click the link in the email, the URL would direct them to the legitimate Constant Contact Service and then redirect to Nobelium-controlled infrastructure through a URL that delivers a malicious ISO file. This in turn, enables the criminals to execute further malicious objectives, such as lateral movement, data exfiltration and delivery of additional malware.

The National Information Technology Development Agency (NITDA), advises Nigerians to be wary of such criminals masquerading as USAID and follow the following recommendations:

Turn on cloud-delivered protectionin Microsoft Defender Antivirus or the equivalent to cover rapidly evolving attacker tools and techniques.
Run EDR in block mode to enable antivirus block malicious artifacts (EDR in block mode works behind the scenes to remediate malicious artifacts that are detected post-breach.)
Enable network protection to prevent applications or users from accessing malicious domains and other malicious content on the Internet.
Enable investigation and remediation in full automated mode to allow antivirus take immediate action on alerts to resolve breaches.
Use device discovery to increase your visibility into your network by finding unmanaged devices on your network and onboarding them
Enable multifactor authentication (MFA) to mitigate compromised credentials.
Block all Office applications from creating child processes.

Users and administrators are advised to review and apply the above mitigations.

NITDA alerts Nigerians on new email-based attack from Solarwindhackers

More in News

New UNESCO report warns social media affects girls

Google Developer Groups Lagos Partners SeerBit, GoMyCode on #BuildWithAI Hackathon

Future of data privacy and protection services in Nigeria: An insight from Switch Solutions Limited

ESG Research unveils critical gaps in responsible AI practices across industries

Wale Owoeye shines among Nigeria’s Top 50 Digital Economy Leaders

Nigerian tech ecosystem leads AI innovation race at GITEX AFRICA

SAS advances industry solutions with packaged AI models

Ministry and regulator silent amid telecom operators’ call for price review

Technology Picks

TECH TIPS: Taming Group Chats with WhatsApp’s ‘Mute’ Feature

Classic account takeover via the direct deposit change

FiberOne Broadband Exhibits at the Techpoint Lagos StartUp Expo in Lagos

Agu Collins Agu: Unity Board Pro Bare PCB has finally arrived!

Editorial

The Case for Globacom: Dangers of NCC’s ‘Pre-Disconnection Notice’ on indigenous telecoms enterprises

Nigeria Data Protection Act is milestone progress at balancing privacy and innovation

Upcoming Events

Explore the intersection of education and innovation in Kigali from 29-31 May

Unlocking Africa’s Potential: A Seminar Shaping the Future of Finance and Entrepreneurship

Attend the Step Conference 2024 in Dubai Internet City

More in News

You may also like

Technology Picks

Editorial

Upcoming Events

Let's Delight You with Our Beautifully Crafted Newsletter!