The Nigeria Communications Commission’s Computer Security Incident Response Team, NCC-CSIRT, has warned users of Facebook applications on Android devices to be cautious of a new Malware called Schoolyard Bully.

The NCC-CSIRT, in a recent advisory, cautioned that the malware steals Facebook account credentials and has infected over 300,000 Android devices globally.

Giving details on how the malware infects devices, the team disclosed that even though the applications carrying the malware were on Google Play Store but were removed, the malware still spreads via third-party Android application shops.

Quoting researchers from mobile security firm, Zimperium, the NCC-CSIRT said several applications transmit the malware while camouflaging as reading and educational applications with various items for victims to study.

“The Zimperium research states that the malware employs JavaScript injection to steal Facebook login information. The malware loads a legitimate URL inside a WebView with malicious JavaScript injected to obtain the user’s contact information, then sends it to the command-and-control server.

"Furthermore, the malware uses native libraries to evade detection and analysis by security software and machine learning technologies,” the NCC team said.

Hence, the malware aims to steal Facebook account information like account ID, username, email address, password, device name, Random Access Memory, and Application Programming Interface.

To avoid getting the Schoolyard Bully malware, the NCC-CSIRT advised Nigerians to only download applications from official websites and application stores. The team urged citizens to double-check each application and untick boxes that request additional third-party downloads when installing applications from the Google Play Store. The NCC team suggested using anti-malware applications to scan devices for malware routinely.