ALERT: NCC warns of ‘Yanluowang’ malware that ‘hijacks browser credentials’
The Nigerian Communications Commission (NCC) has asked organizations to adopt stricter cybersecurity measures to prevent ransomware attacks on their corporate networks.
Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems or networks and demands that you pay a ransom for their return.
In an advisory released Friday, the NCC’s Computer Security Incident Response Team (CSIRT) said that to prevent this form of attack, organizations should ensure their employees use strong passwords, enable multi-factor authentication (2FA) and ensure regular backup of systems.
The notice was published after hackers using Yanluowang ransomware allegedly gained access to Cisco’s network “using an employee’s stolen credentials after hijacking the employee’s personal Google account containing credentials synchronized from his browser”.
“NCC-CSIRT assessed the potential damage from the incident as critical, and predicted that successful exploitation of the ransomware will result in the deployment of ransomware to compromise computer systems, sensitive products, and the theft and exposure of data from customers,” the statement said.
“It could also lead to huge financial losses for organizations by incurring significant indirect costs and could also damage their reputation.
“The first step in preventing ransomware attacks is to ensure that employees use strong, unique passwords for each account and to enable multi-factor authentication (2FA) wherever it is supported.
“In response to the attack, Cisco immediately implemented a company-wide password reset. Cisco product users should ensure a successful password reset.
“As a precaution, the company has also created two Clam AntiVirus signatures (Win.Exploit.Kolobko-9950675-0 and Win.Backdoor.Kolobko-9950676-0) to disinfect any potentially compromised assets. Clam AntiVirus Signatures (or ClamAV) is a cross-platform antimalware toolkit capable of detecting a wide range of malware and viruses.
“User training is key to thwarting this type of attack or any similar attack, including ensuring that employees are aware of the legitimate channels through which support personnel will contact users, so that employees can identify attempted fraudulent ways of obtaining sensitive information. Organizations should ensure regular backup of systems.”