The Nigeria Computer Emergency Response Team (ngCERT) has issued a high-level alert over a dangerous new malware campaign that threatens millions of Android users across the country.
The malware, known as Tria Stealer, is spreading through fake wedding and event invitations sent via popular messaging platforms like WhatsApp and Telegram.
According to ngCERT, the malware is highly sophisticated and uses deceptive tactics to trick users into downloading an infected Android Package Kit (APK). Once installed, Tria Stealer disguises itself as a legitimate system app to avoid detection.
Once active, it requests access to sensitive phone functions, including SMS, call logs, and app notifications and immediately begins stealing personal and financial data.
This information is then transmitted to remote Command and Control (C2) servers operated via Telegram bots.
“Tria Stealer can hijack WhatsApp and Telegram accounts, intercept one-time passwords (OTPs), gain access to financial apps, and install additional malware without consent,” ngCERT warned.
The malware uses encryption and obfuscation techniques to evade antivirus software and automatically reactivates when the device restarts, maintaining its control over the system.
NgCERT stressed that both individuals and organizations are vulnerable, especially those who frequently use mobile messaging platforms for personal or professional communication. Because Tria Stealer can impersonate trusted contacts, even security-conscious users may unknowingly install the malicious app.
As the malware continues to spread, ngCERT is urging all Android users in Nigeria to remain alert and take proactive steps to protect their devices and personal information from compromise.
To stay safe, the agency advised Android users to download apps only from official sources such as the Google Play Store; avoid clicking on unsolicited APK files or event invitations—even from familiar contacts; enable two-factor authentication (2FA) on all messaging and banking apps; install and regularly update mobile antivirus software and restrict app permissions, especially for apps not from trusted sources.
For organisations, ngCERT recommends launching employee cybersecurity awareness campaigns, deploying mobile threat detection software for key staff, enforcing security policies through Mobile Device Management (MDM) tools, and monitoring network traffic for suspicious activity.
We’ve got the edge. Get real-time reports, breaking scoops, and exclusive angles delivered straight to your phone. Don’t settle for stale news. Join LEADERSHIP NEWS on WhatsApp for 24/7 updates →
Join Our WhatsApp Channel
