Connect with us

metro

NCC alerts Nigerians: How hackers can unlock, steal your vehicles

Published

on

The Nigerian Communications Commission has warned Nigerians about the devices of hackers who unlock and steal vehicles.

The warning was sounded in a statement issued by the Director, Public Affairs of the NCC, Dr. Ikechukwu Adinde.

In the statement on Sunday, Adinde said unedited:

The Nigerian Communications Commission (NCC) wishes to alert telecom consumers and members of the public on an ongoing cyber-vulnerability that allows a nearby hacker to unlock vehicles, start their engines wirelessly and make away with the cars.

The fact that car remotes are categorized short range devices that make use of radio frequency (RF) to lock and unlock cars informed the need for the Commission to alert the general public on this emergent danger, where hackers take advantage to unlock and start a compromised car.

According to the latest advisory released by the Computer Security Incident Response Team (CSIRT), the Cybersecurity Centre for the telecom sector established by the NCC, the vulnerability is a Man-in-the-Middle (MitM) attack or, more specifically, a replay attack in which an attacker intercepts the RF signals normally sent from a remote key fob to the car, manipulates these signals, and re-sends them later to unlock the car at will.

READ ALSO:

With this latest type of cyber-attack, it is also possible to manipulate the captured commands and re-transmit them to achieve a different outcome altogether. “Multiple researchers disclosed a vulnerability, which is said to be used by a nearby attacker to unlock some Honda and Acura car models and start their engines wirelessly. The attack consists of a threat actor capturing the radio frequency (RF) signals sent from your key fob to the car and resending these signals to take control of your car’s remote keyless entry system,” the advisory stated emphatically.

However, the NCC-CSIRT, in the advisory, has offer some precautionary measures or solutions that can be adopted by car owners to prevent falling victim to the attack.

According to the cyber-alert unit of the Commission, “When affected, the only mitigation is to reset your key fob at the dealership. Besides, the affected car manufacturer may provide a security mechanism that generate fresh codes for each authentication request, this makes it difficult for an attacker to ‘replay’ the codes thereafter. Additionally, vulnerable car users should store their key fobs in signal-blocking ’Faraday pouches’ when not in use.”

Importantly, car owners in the stated categories are advised to choose Passive Keyless Entry (PKE) as opposed to Remote Keyless Entry (RKE), which would make it harder for an attacker to read the signal due to the fact that criminals would need to be at close proximity to carry out their nefarious acts.

The PKE is an automotive security system that operates automatically when the user is in proximity to the vehicle, unlocking the door on approach or when the door handle is pulled, and also locking it when the user walks away or touches the car on exit. The RKE system, on the other hand, represents the standard solution for conveniently locking and unlocking a vehicle’s doors and luggage compartment by remote control.

Additionally, in a related advisory, the NCC, based on another detection by CSIRT, wishes to inform the general public about the resurgence of Joker Trojan-Infected Android Apps on Google Play Store. This arose due to the activities of criminals who intentionally download legitimate apps from the Play Store, modify them by embedding the Trojan malware and then uploading the app back to the Play Store with a new name.

READ ALSO:

The malicious payload is only activated once the apps goes live on the Play Store, which enables the apps to scale through Google’s strict evaluation process. Once installed, these apps request for permissions that once granted, enable the apps to have access to critical functions such as text messages and notifications.

As a consequence, a compromised device will subscribe unwitting users to premium services, billing them for services that do not exist. A device like this can also be used to commit Short Messaging Service (SMS) fraud while the owner is unaware.

It can click on online ads automatically and even use SMS One Time password (OTPs) to secretly approve payments. Without checking bank statements, the user will be unaware that he or she has subscribed to an online service. Other actions, such as stealing text messages, contacts, and other device data, are also possible.

To avoid falling victim to the manipulation of hackers deploying Joker Trojan-Infected Android Apps, Android users have been advised to avoid downloading unnecessary apps or installing apps from unofficial sources. The NCC also wishes to advise telecom consumers to ensure that apps installed from the Google Play Store are heavily scrutinized by reading reviews, assessing the developers, perusing the terms of use and only granting the necessary permissions.

Conclusively, the NCC recommends that unauthorised transactions be checked against any installed app. Indeed, any apps not in use should be deleted while users are also advised to ensure that a device is always patched and updated to the latest software.

EAGLE

metro

DSS storms ECWA Church, takes out 21 Muslim boys allegedly being forcefully converted to Christianity

Published

on

JOS – The Department of State Security (DSS) has raided a house located at JMDB quarters, in the Tudun Wada community of Jos North LGA of Plateau State, North-central Nigeria where the operatives rescued 21 young people, including almajirai, Daily Trust has reported.

The Jama’atu Nasril Islam (JNI), while confirming the incident, said the rescued victims told the group during interrogation that they were forcefully brought to the house and converted to Christianity.

The General Secretary of the Evangelical Church Winning All (ECWA), Rev. Yunusa Nmadu, said the house which was raided by the DSS was under the custody of the church but denied that it was used to convert people to Christianity, adding the claim should be discarded.

Daily Trust reports that the DSS raided the house on June 14, and recovered the victims, who were said to have been brought to Jos from another state.

The raid of the house, according to the JNI’s Director Aid Group Plateau State chapter, and Chief Security Officer, Jos Central Mosque, Danjuma Khalid, came after one of the victims, Abdulrahman Usaini, who escaped from the house, reported that they had been camped in the house for eight months.

Khalid said the DSS operatives raided the house following JNI’s report.

READ ALSO:

“On June 13, a group of people including Abdulrahman who ran away from the house met me here in the Central Mosque saying that they had come to report an issue regarding forceful adoption and conversion of their pupils to Christianity by ECWA Church in Jos.

“While narrating the incident, the escapee told me that he and one other, Nura Usama, were forcefully taken by some individuals in a Camry Toyota Car from Gombe, to ECWA headquarters, Jos, and after being documented, they were later taken to a house at Tudun Wada, where they were camped, and that he had ran away, leaving his brother, Nura at the house.

“On June 14, we reported the case to the DSS, Plateau State command, and the escapee narrated to the DSS how they were taken from Gombe to Jos and how he escaped from the house in Tudun Wada area. Immediately after we reported the matter, the DSS swung into action. The operatives of the command went to the house in Tudun Wada alongside the escapee, stormed the premises and rescued 21 children.”

He said when the victims were brought to the DSS State Command, two of the victims  – Abdulrahman Usaini and Nura Usama – were handed over to JNI, the uncle to Abdulrahman, and their teacher, while the remaining victims were left under the custody of the DSS until their parents or relatives were found.

Continue Reading

metro

NDLEA arrested some politicians in possession of illicit drugs

Published

on

NDLEA boss, Buba Marwa

Buba Marwa, chairman of the National Drug Law Enforcement Agency (NDLEA), says officers of the agency arrested some politicians in possession of illicit drugs.

Marwa said this on Sunday when he featured on Channels Television’s ‘Hard Copy’.

The chairman said he was “somewhat disappointed” that the drive to have public officers undergo drug-tests before they assume office did not go through.

“But the idea is not original. We are promoting what is going on already in Kano state. In kano state, all politicians under the governor’s party, aspiring for an office, must first demonstrate in the screening process that they are drug negative and I’m in full support of that,” he said.

READ ALSO:

“We have arrested politicians who either are holding political office or have retired. Recently one of them was jailed in Lagos, he was trying to smuggle 1kg, maybe to use it to run for office.

“As you know, the cartels also participate in political institutions, they actually fund candidates into the various levels so that the correct laws (that favour them) are enacted.”

Speaking on the rehabilitation of drug users, the NDLEA chief said there is a dearth of rehab centres “and there are thousands if not millions of drug users who need help but there’s no where to go. And so they snuck back into their bedrooms and continue to take drugs”.

“Right now we have just 11 model rehab centres in the country which is very low. The Presidential Advisory Committee on Elimination of Drug Abuse (PACEDA) recommended that there should be about three centres per state looking at the prevalence and the federal government already through the ministry of health, has agreed to build one more rehab centre in every state,” he said.

THE CABLE

Continue Reading

metro

Surety docked for failing to produce brother in court

Published

on

A 28-year-old man, Innocent Okoloneli, who allegedly stood as surety for his brother and failed to produce him in court, was on Monday docked in a Chief Magistrates’ Court in Yaba, Lagos.

The police charged Okoloneli, who resides in Bariga area of Lagos, with attempt to pervert justice.

He, however, pleaded not guilty to the charge.

The Prosecution Counsel, ASP Rita Momah, told the court that the defendant committed the offence on April 30, at the office of  the Deputy Commissioner of Police, State Criminal Investigation Department, Panti in Yaba, Lagos.

Momah said the defendant stood as a surety for his brother, Victor, who was facing a charge of obtaining by false pretences and theft.

She that while the matter was still being investigated by the police, the defendant willingly stood as a surety for his brother at the station.

READ ALSO:

She added that the defendant also signed an undertaking to produce his brother in court until the end of the case against him but failed to do so.

The offence, she said, contravenes the provisions of Section 97 of the Criminal Laws of Lagos State, 2015 (Revised).

The News Agency of Nigeria reports that Section 97 provides seven years imprisonment for attempt to pervert justice.

Chief Magistrate Adeola Adedayo admitted the defendant to bail in the sum of N5million with two responsible sureties in like sum.

She held that the sureties must submit copies of their National Identification Number (NIN), and their Lagos State Residents Registration Agency (LASRRA) card.

She further directed that both of them must be residing within the court’s jurisdiction and be gainfully employed with evidence of three years tax payment to the Lagos State Government.

Adedayo adjourned the case until July 19 for mention.

EAGLE

Continue Reading

Trending