ABUJA, Nigeria (VOICE OF NAIJA)-The National Information Technology Development Agency (NITDA) has issued a security alert over a new artificial intelligence-powered malware known as DeepLoad.
NITDA warned that it is actively targeting government agencies, financial institutions, businesses, and individuals across Nigeria.
The warning was published on the agency’s X handle on Wednesday through its Computer Emergency Readiness and Response Team amid rising cyberattacks against Nigerian organisations.
According to NITDA, DeepLoad is a sophisticated malware strain designed to steal sensitive information while evading traditional antivirus systems.
The malware spreads through social engineering tactics, particularly fake website error prompts that deceive users into executing malicious commands.
READ ALSO:Nigeria Customs Debunks Fake Social Media Message, Urges Public Caution
“The malware is distributed through a social engineering technique involving a fake website error,” NITDA stated in its advisory.
The agency explained that once activated, the malware silently installs itself on a device and begins extracting stored credentials and sensitive information from major web browsers while using artificial intelligence techniques to avoid detection.
“Once executed, DeepLoad silently installs itself, harvests stored credentials and sensitive data from major browsers, and leverages artificial intelligence to evade antivirus detection,” the agency said.
NITDA further warned that DeepLoad contains a persistence mechanism that makes it difficult to eliminate completely, noting that the malware can reactivate itself days after it appears to have been removed.
“Critically, the malware incorporates a hidden WMI-based persistence mechanism capable of reactivating the infection up to three days after apparent removal,” the advisory stated.
The agency described the threat as severe and already active, urging organisations and individuals to take immediate preventive measures.
“Given its severity and confirmed active targeting of Nigerian entities, all organizations and individuals must implement the protective measures outlined in this advisory immediately,” it added.
NITDA warned that individuals, businesses, and government institutions are all vulnerable to the threat.
It noted that successful infections could grant attackers access to bank accounts, mobile money services, payment cards, passwords, and sensitive personal documents.
The agency also expressed concern over identity theft, warning that stolen information could be used to impersonate victims for financial gain.
For organisations, NITDA said infections could result in major operational disruptions, including system shutdowns and recovery exercises.
It also warned that breaches involving government systems could expose classified information and compromise national security infrastructure.
To reduce the risk of infection, NITDA advised users not to copy or execute commands from unknown websites, stressing that legitimate software providers do not require such actions.
The agency also warned against installing software from unverified USB drives and recommended scanning all external storage devices before use.
Other recommendations included “Enabling two-factor authentication on important accounts, avoiding storing banking passwords in browsers, reviewing browser extensions for suspicious activity, blocking known malicious domains at the firewall and DNS level, and enabling advanced logging tools on Windows systems.”
Organisations were further advised to educate staff, monitor systems for hidden persistence mechanisms, and immediately isolate suspected infected devices.
NITDA concluded that any confirmed or suspected incident should be reported promptly, with affected systems disconnected from the internet, passwords reset from secure devices, and internal response teams activated immediately to contain the threat.