DistantNews

NITDA warns of AI malware targeting Nigerian institutions

From The Punch

Summarized and contextualized by DistantNews.

TLDR

  • Nigeria's National Information Technology Development Agency (NITDA) has issued a cybersecurity alert regarding a new AI-powered malware called DeepLoad.
  • The malware is actively targeting government agencies, financial institutions, businesses, and individuals across Nigeria.
  • DeepLoad is designed to steal sensitive information, evade traditional antivirus systems using AI, and possesses a persistence mechanism making it difficult to remove.

The National Information Technology Development Agency (NITDA) has sounded a critical alarm, warning of a sophisticated new threat to Nigeria's digital infrastructure. The emergence of DeepLoad, an artificial intelligence-powered malware, represents a significant escalation in cyber warfare targeting our nation's institutions and citizens. This is not merely a technical issue; it is a matter of national security and economic stability.

The malware is distributed through a social engineering technique involving a fake website error.

— NITDA, describing the method by which the DeepLoad malware spreads.

As detailed in the advisory issued by NITDA's Computer Emergency Readiness and Response Team, DeepLoad is engineered to bypass conventional security measures. Its ability to leverage AI for evasion and its insidious method of propagation through social engineering tactics, such as deceptive website error prompts, make it particularly dangerous. The malware's capacity to silently install itself, harvest credentials from web browsers, and maintain a persistent presence even after apparent removal, as highlighted by its WMI-based persistence mechanism, underscores the advanced nature of this threat.

Once executed, DeepLoad silently installs itself, harvests stored credentials and sensitive data from major browsers, and leverages artificial intelligence to evade antivirus detection.

— NITDA, explaining the operational capabilities of the DeepLoad malware.

The implications for Nigeria are severe. Government agencies, financial institutions, businesses, and individuals are all in the crosshairs. A successful breach could lead to the compromise of sensitive personal and financial data, identity theft, significant operational disruptions for businesses, and potentially the exposure of classified government information and national security infrastructure. This is a direct assault on our developing digital economy and the trust citizens place in our institutions.

Critically, the malware incorporates a hidden WMI-based persistence mechanism capable of reactivating the infection up to three days after apparent removal.

— NITDA, highlighting the malware's persistence and difficulty in removal.

While international media might report on this as another cybersecurity incident, for Nigeria, it is a stark reminder of our vulnerability in the face of rapidly evolving global cyber threats. NITDA's proactive warning and the call for immediate implementation of protective measures are crucial. It is imperative that all stakeholders – government bodies, private enterprises, and individual citizens – heed this warning and bolster their defenses. The fight against such advanced cyber threats requires a concerted, national effort, and NITDA's vigilance is a vital first line of defense for the nation.

Given its severity and confirmed active targeting of Nigerian entities, all organizations and individuals must implement the protective measures outlined in this advisory immediately.

— NITDA, urging immediate action and implementation of protective measures due to the serious and active threat.
DistantNews Editorial

Originally published by The Punch. Summarized and contextualized by our editorial team with added local perspective.