NITDA Warns of New ‘Grandoreiro’ Banking Malware Threat

The National Information Technology Development Agency (NITDA) has issued a warning about a new cybersecurity threat involving the Grandoreiro banking malware.

Through a public notice from the Computer Emergency Readiness and Response Team (CERRT.NG), NITDA alerted Nigerians to the resurgence of the malware and its potential risks.

Grandoreiro, a banking Trojan, is primarily distributed via phishing emails and fake websites.

Advisory on Grandoreiro Banking Malware!!!⚠️⚠️⚠️⚠️

A new version of the banking malware Grandoreiro has emerged, targeting users globally. This banking Trojan is primarily distributed through phishing emails and fake websites.#CyberSecurityAlert pic.twitter.com/zbLnQEhr1l

— NITDA Nigeria (@NITDANigeria) December 9, 2024

NITDA explained that the malware disguises itself as legitimate software updates or documents to trick users into downloading it. Once installed, it uses advanced techniques, including screen overlay attacks and remote device control, to steal sensitive data, such as banking credentials.

Also Read: NITDA Warns of ‘CovertCatch’ Job Scam Malware on LinkedIn

The agency highlighted the following risks associated with Grandoreiro:

• Unauthorized access to online banking accounts.
• Theft of financial and personal information.
• Remote exploitation of victim devices to bypass security controls.
• Potential financial losses for individuals and businesses.

To protect against this threat, NITDA has advised Nigerians to take the following precautions:

• Avoid phishing scams by refraining from clicking links or opening attachments from unknown or unsolicited emails.
• Download software only from trusted sources to ensure security.
• Enable Multifactor Authentication (MFA) for added protection of online banking accounts.
• Use antivirus software, regularly updating and scanning devices for malware.
• Avoid public Wi-Fi for financial transactions and use a VPN if necessary.
• Monitor banking activity by reviewing account statements regularly and reporting suspicious transactions promptly.

NITDA also encouraged Nigerians to report suspicious activity or seek guidance via the following CERRT.NG channels: Email: cerrt@nitda.gov.ng, Phone: +2348178774580, Website: www.cerrt.ng.