Oluwanifemi Ojo
The Nigerian Communications Commission’s Computer Security Incident Response Team has warned the users of Samsung phones to update their Galaxy App Store, against cyber threat.
This is owing to the newly discovered multiple susceptibility in the Samsung Galaxy App Store Application.
The commission claims that this vulnerability can result in code execution and unauthorized app installations.
NCC-CSIRT advised in a public notice that states, “ NCC-CSIRT also advised users to update their Galaxy App Store following the discovery of multiple vulnerabilities in the Samsung Galaxy App Store Application can lead to unwanted app installations and code execution.
This vulnerability was disclosed by a researcher from NCC Group.
According to the notice, “ Ken Gannon, a cybersecurity researcher from NCC Group, discovered the vulnerabilities in the Galaxy App Store application on Samsung devices that are running Android 12 and older.”
The advice also cautioned against the use of Microsoft OneNote attachments in phishing emails that could infect victims with malware that grants remote access to sensitive data on their devices.
The Punch reported that the team also warned users against opening attachments from persons they do not know because they could harm their computer or files.
According to the advisory, “The Team urged users not open files from people they do not know, not to click ‘OK’ and immediately exit the application if they receive a warning that opening an attachment or link can damage their computer or files.
Also, users are advised to “promptly share an unknown email they believe to be genuine with a security or Windows administrator to assist in determining whether the file is secure.”
“It had recently advised people not to open attachments in suspicious emails and to only purchase or download applications from official websites in response to the discovery of phishing malware that can gain unauthorized access to sensitive user data and download further malware.”
The malware, according to the NCC-CSIRT, is a remote access tool that easily manages a victim’s personal computers. It may also enable attackers to remotely control a compromised computer’s mouse and keyboard, access the system’s file management and history, and possibly even run commands that allow them to install additional malware.
NCC-CSIRT’s notice on the discovery said, “the apps, which have been downloaded 450, 000 times in total, can be games or investment services, but that they are designed to steal sensitive user information.”
The article went on to say that the “CRAFTED” website that is hosting the malware is still active and makes the claim that it is the home of a brand-new NFT card game based on the Pokemon franchise that provides players with both strategic entertainment and NFT investment gains.
The organisation said, “While some of the malicious apps have been removed, others are still active on the store, with the affected apps listed as Golden Hunt, Reflector, Seven Golden Wolf Blackjack, Unlimited Score, Big Decisions, Jewel Sea, Lux Fruits Game, Lucky Clover, King Blitz, and Lucky Hammer.”
