The National Information Technology Development Agency (NITDA) has raised fresh concerns over a dangerous artificial intelligence-powered malware known as DeepLoad.
It said the cyber threat is actively targeting Nigerian businesses, government agencies, financial institutions, and individuals.
NITDA issued the alert through its Computer Emergency Readiness and Response Team, CERRT.NG, and shared the advisory on its official X account on Wednesday.
According to NITDA, DeepLoad is a new malware strain designed to infiltrate computer systems, steal sensitive information, and avoid detection by traditional antivirus software.
“The malware is distributed through a social engineering technique involving a fake website error,” it stated.
It explained that the malware tricks users into running harmful commands on their computers through deceptive website prompts.
Once activated, it quietly installs itself and begins stealing passwords, credentials, and other sensitive information stored on web browsers.
“Once executed, DeepLoad silently installs itself, harvests stored credentials and sensitive data from major browsers, and leverages artificial intelligence to evade antivirus detection,” NITDA said.
According to the agency, one of the most dangerous features of the malware is its ability to return even after users believe it has been removed.
“Critically, the malware incorporates a hidden WMI-based persistence mechanism capable of reactivating the infection up to three days after apparent removal,” it stated.
READ ALSO:
- CBN Raises the Alarm Over Fake Messages Targeting Bank Customers
- Nigeria Banks Secure ₦3.85trn in Capital Raise
- Nigeria Banks Secure ₦3.85trn in Capital Raise
- FG Moves to Set up National Cybersecurity Council amid Rising Cyber Threats
The agency described the threat as severe and urged immediate action from organisations and individuals across the country.
“Given its severity and confirmed active targeting of Nigerian entities, all organisations and individuals must implement the protective measures outlined in this advisory immediately,” NITDA added.
NITDA explained that the malware can give cybercriminals unauthorised access to bank accounts, mobile money platforms, payment cards, passwords, and personal documents.
It also warned that stolen information could be used for identity theft and financial fraud.
NITDA said organisations affected by the malware could face serious operational disruptions, while attacks on government systems could expose sensitive networks and create national security risks.
To reduce the risk of infection, the agency advised Nigerians not to paste commands from websites into their computers, noting that genuine software providers do not ask users to carry out such actions.
It also warned against opening suspicious files like “Chrome Setup” or “Firefox Installer” from USB devices and advised users to scan external storage devices with antivirus software before use.
The agency further urged Nigerians to enable two-factor authentication on important accounts and avoid saving banking passwords directly on web browsers.
For businesses and institutions, NITDA advised companies to educate staff about the DeepLoad threat, monitor browser extensions, and block identified malicious domains.
The agency also directed organisations that suspect infections to disconnect affected systems from the internet immediately, isolate compromised devices, change passwords using clean systems, and report incidents to NITDA within 72 hours as required by law.
Alex is a business journalist cum data enthusiast with the Pinnacle Daily. He can be reached via ealex@thepinnacleng.com, @ehime_alex on X