The National Information Technology Development Agency (NITDA) warns Nigerians to be very careful of IGVM, a file-encrypting Ransomware infection.
The IGVM, according to the agency, restricts access to data (documents, images, videos) by encrypting files with the “igvm” extension.
The warning was contained in a statement signed by Mrs Hadiza Umar, Head, Corporate Affairs and External Relations of NITDA and made available to reporters in Abuja on Saturday.
National Information Technology Development Agency NITDA emphasized that IGVM attempts to extort money from victims by requesting for “ransom”, in the form of Bitcoin cryptocurrency in exchange for access to data.
This crypto-virus, according to the agency, spread in different methods like web injectors, pirated software, spam emails, malicious software bundles, fake software updates, and deceiving online ads.
NITDA explains that the primary task of the crypto-virus is to check the users computer system for target file formats and encrypt them using a private RSA key.
The agency further said that once virus locks the files, it then runs several commands via CMD.exe to delete Volume Shadow Copies from the system.
The virus can also stop victims from restoring their file copies for free, using Windows tools and can also modify Windows HOSTS file by adding a list of domains to it.
According to NITDA, these domains are mostly computer or IT-related websites, so the attackers capitalize on this measure to prevent the victim from seeking help or information online.
The agency hereby urged the general public to follow these recommendations:
“Ensure regular data backup and recovery plan for all critical information.
“Use application whitelisting to help prevent malicious software and unapproved programs from running.
“Keep operating system and software up-to-date with the latest patches.
“Maintain up-to-date anti-virus software, and scan all software downloaded from the internet beforeinstalling.
“Do not follow unsolicited web links in emails. Do not download or open suspicious email attachments.
“Do not open emails from suspicious recipients.
“Furthermore, if paying up seems like the only reason to get your files back, we strongly advise against ransom payments.
NITDA added that various cybersecurity experts do not recommend paying up due to the following reasons:
“The criminals might stop responding as soon as you transfer money to their virtual wallet address.
“The so-called decryption tool can be faulty or fail to work due to data modification on your end avoiding funding this illegal business model. The fact that ransomware operators collect millions in ransoms each year simply encourages people to join this cybercrime industry.”
China recently warned financial institutions against offering cryptocurrency services.
China’s National Internet Finance Association, China Banking Association, and the Payment and Clearing Association of China, in a joint statement announced the ban, declaring that crypto has no real value and that the price can be manipulated.
Before China’s decision, Microsoft founder, Bill Gates had said he has not invested.
The billionaire listed other areas he put money into, but added that he had no problem with those who make their money via digital currency.
On claims that bitcoin production could be damaging to the environment, Gates said he was not totally convinced that was the case.