Josproject/Operationrainbow

02/02/2022

Call 0800-0022-3344 toll free line to report any suspicious movement.

15/11/2021

Be warn!!

Press Statement

Cybercrime: NCC Reports new Malware AbstractEmu, attacking Android Devices

The Nigerian Communications Commission (NCC) wishes to inform telecom consumers and the general public that a new Android malware has been discovered.

The malware, named ‘AbstractEmu’, can gain access to smartphones, take complete control of infected smartphones and silently modify device settings while simultaneously taking steps to evade detection.

This discovery was announced recently by the Nigerian Computer Emergency Response Team (ngCERT), the national agency established by the Federal Government to manage the risks of cyber threats in the Nigeria, which also coordinates incident response and mitigation strategies to proactively prevent cyber-attacks against Nigeria

AbstractEmu has been found to be distributed via Google Play Store and third-party stores such as the Amazon Appstore and the Samsung Galaxy Store, as well as other lesser-known marketplaces like Aptoide and APKPure.

The advisory stated that a total of 19 Android applications that posed as utility apps and system tools like password managers, money managers, app launchers, and data saving apps have been reported to contain the rooting functionality of the malware.

The apps are said to have been prominently distributed via third-party stores such as the Amazon Appstore and the Samsung Galaxy Store, as well as other lesser-known marketplaces like Aptoide and APKPure. The apps include All Passwords, Anti-ads Browser, Data Saver, Lite Launcher, My Phone, Night Light and Phone Plus, among others.

According to the report, rooting malware although rare, is very dangerous. By using the rooting process to gain privileged access to the Android operating system, the threat actor can silently grant itself dangerous permissions or install additional malware – steps that would normally require user interaction. Elevated privileges also give the malware access to other apps' sensitive data, something not possible under normal circumstances.

The ngCERT advisory also captured the consequences of making their devices susceptible to AbstractEmu attack. Once installed, the attack chain is designed to leverage one of five exploits for older Android security flaws that would allow it to gain root permissions. It also takes over the device, installs additional malware, extracts sensitive data, and transmits to a remote attack-controlled server.

Additionally, the malware can modify the phone settings to give app ability to reset the device password, or lock the device, through device admin; draw over other windows; install other packages; access accessibility services; ignore battery optimisation; monitor notifications; capture screenshots; record device screen; disable Google Play Protect; as well as modify permissions that grant access to contacts, call logs, Short Messaging Service (SMS), Geographic Positioning System (GPS), camera, and microphone.

The ngCERT also asserts in the advisory that, while the malicious apps were removed from Google Play Store, the other app stores are likely distributing them. Consequently, the NCC wishes to reiterate a two-fold ngCERT advisory in order to mitigate the risks. The two-fold advisory include:

1. Users should be wary of installing unknown or unusual apps, and look out for different behaviours as they use their phones.

2. Reset your phone to factory settings when there is suspicion of unusual behaviours in your phone.

The NCC, in exercise of its mandate and obligation to the consumers, will continue to sensitise and educate telecoms consumers on any cyber threat capable of inflicting low or high-impact harms on their devices, whether discovered through the ngCERT or the telecom sector's Centre for Computer Security Incident Response managed by the Commission.

It will be recalled that the NCC, in October 2021, alerted telecom consumers of the existence of new, high-risk and extremely-damaging, Android device-targeting Malware called Flubot and outlined steps to prevent the eir devices from being attacked by the virus.

Signed:

Dr. Ikechukwu Adinde
Director, Public Affairs

November 8, 2021

20/02/2021

Ask questions, say something, call someone anytime you doubt your environment.

14/12/2020

If you see something say something.
Let's protect our environment.
It's a duty to all citizens.

16/08/2020

OPERATION RAINBOW CRACKS DOWN ON ILLEGAL DRUG MARKET IN JOS.

ARRESTS SIXTEEN.

16TH,AUGUST 2020

Operatives of the Plateau State Security Outfit, Operation Rainbow have cracked down on a notorious illicit drug peddling market located within the premises of Government Secondary School Gangare in Jos North Local Government Area.

The raid which lead to the arrest of sixteen persons involved in the illicit drug business was said to have been carried out at about 6pm Nigerian time.

According to reports the illicit drug market operates daily within the facilities of GSS Gangare attracting buyers and sellers from other parts of the city thereby posing threats to lives and property of innocent citizens around Gangare and environs.

DSP Ajik Ezekiel Azi of the Operation Rainbow who lead the operation with support of the Neighborhood watch and Vigilante' Nigeria said they acted on credible information that daily within the hours of 6-9pm,drug and other related activities take place within the GSS Gangare premises which has become a sort of a market patronized by those on foot,motorcycles and even cars.

He said it was a successful operation when Operation Rainbow swooped in on them which lead to the arrests.

While parading them at the Headquarters of Operation Rainbow in Jos,DSP Ajik said their details have been taken and liaison is ongoing to transfer them to relevant authorities who will carry on further investigations.

He added that among the sixteen arrested, one was found with an ID Card belonging to the Nigerian Army claiming he was a dismissed and now recalled soldier who once served in Borno State.

Also speaking, Permanent Secretary Cabinet and Special Services, Cornelius Shiolbial who oversee's Operation Rainbow said the outfit will continue to partner communities with its community approach strategy to rid the state of such acts.

He regretted that youths have taken to drug business endangering their lives and that of others but was quick to say the the out

26/06/2020

https://africandrumnews.wordpress.com/2020/06/25/special-focus-operation-rainbows-one-day-peace-dialogue-a-good-start-sustain-it/

By Oliver K*m June 25, 2020 A cross section of security chiefs at the occasion Recently participants at a One-Day Round Table Dialogue began the process of taking practical steps towards addressing…

19/06/2020

His Excellency the Executive Governor of Plateau state Simon Bako Lalong, is already on course & will soon acheive a City-wide GIS surveillance system. He recently commissioned Operation Rainbow's Surveillance outpost in Jos Metropolis

21/02/2020

Prank calls to 112 take away vital resources from the emergency services.

19/12/2019

28/12/2017

Jos is cold, be wary of night movements this holiday season.

28/12/2017

Jos Project is a citizens initiative of the people of Jos by Operation Rainbow supported by UNDP/UNMC/SODNET