NITDA Raises Alarm Over DeepLoad AI Malware Targeting Nigerian Organisations


The National Information Technology Development Agency (NITDA) has raised an alarm over a new artificial intelligence-powered malware known as DeepLoad attacking Nigerian businesses.

The agency disclosed this in a critical advisory issued on May 6 through its Computer Emergency Readiness and Response Team (CERRT.NG) and shared via its official X account.

According to NITDA, DeepLoad is an AI-enhanced malware strain designed to infiltrate systems, steal sensitive information, and evade conventional antivirus detection systems.

It warned that the cyber threat is actively targeting Nigerian government agencies, financial institutions, businesses, and individuals.

The Agency explained that the malware spreads through deceptive website prompts that trick users into executing malicious commands on their computers.

“The malware is distributed through a social engineering technique involving fake website error,” the advisory stated.

NITDA further explained that once activated, the malware silently embeds itself within infected systems and begins harvesting credentials and sensitive information from major web browsers.

“Once executed, DeepLoad silently installs itself, harvests stored credentials and sensitive data from major browsers, and leverages artificial intelligence to evade antivirus detection,” the agency said.

 


The advisory noted that one of the most dangerous features of the malware is its ability to remain persistent even after attempted removal.

According to NITDA, DeepLoad uses a hidden Windows Management Instrumentation (WMI)-based mechanism capable of restoring the infection days later.

“Critically, the malware incorporates a hidden WMI-based persistence mechanism capable of reactivating the infection up to three days after apparent removal,” it stated.

The Agency warned that the severity of the threat requires immediate action from both organisations and individuals.

“Given its severity and confirmed active targeting of Nigerian entities, all organizations and individuals must implement the protective measures outlined in this advisory immediately,” NITDA added.

The agency warned that the stolen data could be used for identity fraud, enabling criminals to impersonate victims for financial gain.

NITDA said individuals, government institutions, businesses, large organisations, and small enterprises are all vulnerable to the rapidly evolving cyber threat posed by DeepLoad.

According to the agency, a successful DeepLoad infection could grant cybercriminals unauthorised access to bank accounts, mobile money services, and payment cards. The malware can also steal passwords, documents, and sensitive personal information stored on web browsers.

For organisations, NITDA said infections could lead to operational disruptions requiring complete system isolation and remediation processes. It also warned that attacks on government systems could compromise classified networks and pose risks to national security.

To prevent infections, NITDA advised Nigerians never to paste commands from websites into their computers, noting that legitimate software providers do not request such actions.

The agency also warned users against opening suspicious files such as “Chrome Setup” or “Firefox Installer” from USB drives and advised scanning all external storage devices with antivirus software before use.

NITDA further recommended enabling two-factor authentication on important accounts and avoiding storing banking passwords directly on web browsers.

For organisations, the agency advised companies to immediately sensitise staff about the DeepLoad threat, enable PowerShell Script Block Logging across Windows systems, and review browser extensions for unauthorised installations.

The advisory also recommended blocking malicious domains, including holiday-updateservice[.]com, forest-entity[.]cc, and hell1-kitty[.]cc, at firewall and DNS levels.

NITDA said institutions that suspect infections should disconnect affected systems from the internet immediately, change all passwords on clean devices, isolate compromised systems, activate incident response teams, and report incidents to the agency within 72 hours as required by law.

Additionally, organisations were urged to check for hidden WMI Event Subscriptions that could allow the malware to survive standard cleanup procedures.
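
One way to carry out the WMI Event Subscription check recommended above, as an added PowerShell example that is not taken from the NITDA advisory or from this article. It assumes an elevated session on the Windows host being reviewed and only reads data; the variable names are illustrative.

```powershell
# Added example: read-only audit of permanent WMI event subscriptions (run elevated).
# A permanent subscription is three linked objects in root\subscription:
#   __EventFilter (trigger query), an __EventConsumer subclass (action),
#   and __FilterToConsumerBinding (ties one filter to one consumer).
$ns        = 'root/subscription'
$filters   = @(Get-CimInstance -Namespace $ns -ClassName __EventFilter)
$consumers = @(Get-CimInstance -Namespace $ns -ClassName __EventConsumer)
$bindings  = @(Get-CimInstance -Namespace $ns -ClassName __FilterToConsumerBinding)

# Resolve each binding to the query that triggers it and the action it runs.
$active = foreach ($b in $bindings) {
    $f = $filters   | Where-Object { $_.Name -eq $b.Filter.Name }   | Select-Object -First 1
    $c = $consumers | Where-Object { $_.Name -eq $b.Consumer.Name } | Select-Object -First 1
    # Only the property matching the consumer type is populated; the others are $null.
    $action = @($c.CommandLineTemplate, $c.ScriptText, $c.ScriptFileName) |
        Where-Object { $_ }
    [pscustomobject]@{
        Filter       = $b.Filter.Name
        Query        = $f.Query
        Consumer     = $b.Consumer.Name
        ConsumerType = $c.CimSystemProperties.ClassName
        Action       = $action -join ' | '
    }
}

# Filters or consumers with no binding are inert, but worth reviewing as
# leftovers of a partial cleanup.
$boundF = @($bindings | ForEach-Object { $_.Filter.Name })
$boundC = @($bindings | ForEach-Object { $_.Consumer.Name })
$orphanFilters   = $filters   | Where-Object { $_.Name -notin $boundF }
$orphanConsumers = $consumers | Where-Object { $_.Name -notin $boundC }

"Active subscriptions: $(@($active).Count)"
$active | Format-List
"Unbound filters:   $(($orphanFilters.Name) -join ', ')"
"Unbound consumers: $(($orphanConsumers.Name) -join ', ')"
```

Compare the output against a known-clean machine of the same Windows build; entries of type CommandLineEventConsumer or ActiveScriptEventConsumer deserve the closest review because those consumer types run commands or scripts when their filter fires.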

 

 

The post NITDA Raises Alarm Over DeepLoad AI Malware Targeting Nigerian Organisations appeared first on Channels Television.
