• About
  • Advertise
  • Careers
  • Contact Us
Friday, June 27, 2025
  • Login
No Result
View All Result
NEWSLETTER
Tech | Business | Economy
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
    • Mobility
    • Environment
    • Travel
    • StartUPs
      • Chidiverse
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • EventDIARY
    • Editorial
    • Appointment
  • TECHECONOMY TV
  • Apply
  • TBS
  • BusinesSENSE For SMEs
  • Chidiverse
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
    • Mobility
    • Environment
    • Travel
    • StartUPs
      • Chidiverse
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • EventDIARY
    • Editorial
    • Appointment
  • TECHECONOMY TV
  • Apply
  • TBS
  • BusinesSENSE For SMEs
  • Chidiverse
No Result
View All Result
Tech | Business | Economy
No Result
View All Result
Home Business Security

NCC-CSIRT Advises Factory-Resetting Infected Devices to Beat Xenomorph Malware

by Techeconomy
December 7, 2022
in Security
0
XENOMORPH malware
Beware of XENOMORPH Malware, NCC warns telecom users

Beware of XENOMORPH Malware, NCC warns telecom users

UBA
Advertisements

A malware, XENOMORPH, that installs Trojan in banking apps on the Android platform to steal login details, raid bank accounts,  and read the users SMS, has been flagged by the Nigerian Communications Commission‘s Computer Security Incident Response Team (NCC-CSIRT).

The Team suggests that owners of compromised devices take the extreme measure of doing factory resetting of infected devices.

NCC-CSIRT, citing Zscaler ThreatLabz, said, “The Todo: Day Manager hijacks your login info from banking apps, and can even read your SMS messages. It installs a banking trojan malware called Xenomorph that allows the app to intercept your two-factor verification codes (typically delivered over text) to raid your logins – and bank account.

“Xenomorph performs overlay attacks by exploiting accessibility permissions in Android, resulting in the overlaying of fraudulent login screens on banking apps aimed at exfiltrating credentials. The Android app makes itself intentionally difficult to delete. You need to search your phone for it immediately and uninstall it.”

“It starts with asking users to enable access permission. Once provided, it adds itself as a device admin and prevents users from disabling Device Admin, making it un-installable from the phone.  If you haven’t given permission to the app, then you should be able to uninstall it safely. Otherwise, you may have to back up your files and then factory-reset your phone to clear the app completely,” it advised.

In terms of potential solutions to the malware, NCC-CSIRT advised that “Search your phone for the app and uninstall immediately or backup your files and factory reset your phone.

“Only search for an app in the Google Play Store, pay close attention to the search results, look at the apps icons, note that fake apps almost always use the icon from the app they’re faking, then look at the developer’s name and make sure it’s from the right developer.

Also, look at the app’s download count. If the app has a lot of downloads going into millions to hundreds of thousand that’s a clue that it’s the right app.

Then, finally, look at the app’s description and screenshots to ensure that it doesn’t contain multiple spelling or grammar mistakes or otherwise broken English.

“Make use of Google Play Protect, which regularly scans your apps for malware and will alert you to uninstall rogue apps.”

The CSIRT is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.

The CSIRT also works collaboratively with Nigeria Cybersecurity Emergency Response Team (ngCERT), established by the Federal Government to reduce the volume of future computer risk incidents by preparing, protecting, and securing Nigerian cyberspace to forestall attacks, and problems or related events.

Loading

Advertisements
MTN ADS

Author

  • Techeconomy
    Techeconomy

    View all posts
0Shares
Tags: NCC-CSIRTXENOMORPHXENOMORPH trojanZscaler ThreatLabz
Techeconomy

Techeconomy

Next Post
‘DecemberIsAVybe’ campaign

FirstBank DecemberIsAvybe: If Your December is Not Vybing, You Aren’t in December

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recommended

Steve Adodo | Advanced Profiling and Optimization Techniques

High-Performance Systems: Advanced Profiling and Optimization Techniques for Large-Scale Applications

2 years ago

Sustaining Nigeria’s transport sector using technology

3 years ago

Popular News

    Connect with us

    • About
    • Advertise
    • Careers
    • Contact Us

    © 2025 TECHECONOMY.

    No Result
    View All Result
    • News
    • Tech
      • DisruptiveTECH
      • ConsumerTech
      • How To
      • TechTAINMENT
    • Business
      • Telecoms
      • Mobility
      • Environment
      • Travel
      • StartUPs
        • Chidiverse
      • TE Insights
      • Security
    • Partners
    • Economy
      • Finance
      • Fintech
      • Digital Assets
      • Personal Finance
      • Insurance
    • Features
      • IndustryINFLUENCERS
      • Guest Writer
      • EventDIARY
      • Editorial
      • Appointment
    • TECHECONOMY TV
    • Apply
    • TBS
    • BusinesSENSE For SMEs

    © 2025 TECHECONOMY.

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In
    Translate »
    This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.