NITDA cautions Nigerians of new email-based attacks

The National Information Technology Development Agency (NITDA) has cautioned Nigerians about a new cyber threat that involves email-based attacks by an infamous Russian hacking group called Nobelium.

This advice was enclosed in a press statement on Sunday by the agency’s Head of Corporate Affairs and External Relations, Mrs Hadiza Umar, entitled, ‘NITDA cautions Nigerians on new email-based attack From Solarwindhackers.’

Microsoft had previously cautioned about the new cyber-attacks, which are stated to originate from the state-backed Russian hackers behind the SolarWinds hacking against the United States and foreign government agencies and think tanks.

Nearly 3,000 email accounts at more than 150 organisations were targeted, particularly organisations that involve global growth, philanthropic and human rights work.

The press statement partly read, “According to information available as obtained by the National Information Technology Development Agency, Microsoft, a world renown multinational technology company has uncovered a widespread malicious email campaign undertaken by the hacking group- NOBELIUM.

“The cybercriminals leveraged the legitimate mass-mailing service, to masquerade as a US-based development organisation and distribute malicious URLs to a wide variety of organisations especially government organisations, non-government organizations (NGOs), think-tanks, military, IT service providers, health technology and research, and telecommunications providers.

“Their antics involve the use of emails claiming to be an alert from USAID about new documents published by former President Donald Trump about ‘election fraud.’ Once users click the link in the email, the URL would direct them to the legitimate Constant Contact Service and then redirect to Nobelium-controlled infrastructure through a URL that delivers a malicious ISO file. This, in turn, enables the criminals to execute further malicious objectives, such as lateral movement, data exfiltration and delivery of additional malware.”