NZ Cyber Agency Alerts Thousands To Malware Infection

The GCSB’s National Cyber Security Centre (NCSC) is emailing thousands of New Zealanders to notify them that their devices may be impacted by malicious software.

The NCSC email directs recipients to the NCSC’s Own Your Online website for advice on how to remove the malware and provides general cyber security advice to help address potential risk to their online accounts.

Emails are going out to around 26,000 email addresses.

The NCSC’s Chief Operating Officer, Michael Jagusch, says the email relates to malware known as Lumma Stealer, which typically impacts devices using Microsoft Windows operating systems.

The malicious software is designed to steal sensitive information, like email addresses and passwords, from devices typically for the purposes of fraud or identity theft.

The use of Lumma Stealer and other similar malware by cyber criminals is an ongoing international issue.

“We were alerted to the issue through our cyber security partnerships and have worked with New Zealand government agencies and financial institutions to contact some of the affected users.

“However, there is a large group of users we are now contacting directly.

“This is the first time that we have conducted such a large-scale public outreach, and we want to assure recipients that the email from the NCSC is legitimate.”

If people have concerns, they should double-check that the sender address is no-reply@comms.ncsc.govt.nz

Read our guidance about Lumma Stealer on Own Your Online: https://www.ownyouronline.govt.nz/news-and-alerts/lumma-stealer-malware-affecting-thousands

Notes:

What is Lumma Stealer?

Lumma Stealer is a piece of malicious software (malware) that is designed to steal sensitive information, like email addresses and passwords from devices. Due to its design, it can also install more malware on your device.

How does someone know if they have Lumma Stealer on their device?

Lumma Stealer is designed so it is not detected or noticed on your device. Some things that could indicate you have Lumma Stealer or other malware on your device include:

• Unusual account activity (logins, changes to settings, locked out of accounts)
• Unknown/Unauthorised transactions
• Spam calls/emails or messages

Updating your Antimalware or Antivirus and running a scan may detect any current infection.

Where can people go to get help?

There is information on the NCSC’s Own Your Online website about how to remove the malware. The NCSC has also provided advice on how to choose a support provider if extra help is required.

Go to www.ownyouronline.govt.nz and search for “choose a support provider”, then follow the advice provided.

About the NCSC

The National Cyber Security Centre is a part of the GCSB. The NCSC makes it easy for everyone in New Zealand to play their part in keeping New Zealand cyber-secure. The NCSC delivers its work through three primary approaches:

1. It supports all New Zealanders to act on informed decisions.
2. It works with key players to build good cyber security basics into New Zealand’s cyber ecosystem and essential services.
3. It uses its mandate, relationships, and specialist capabilities to help counter the most serious harms.

Own Your Online is the NCSC’s platform for everyday New Zealanders and small-to- medium organisations (SMEs) to make cyber security easy to understand. It contains a range of tools, resources, and guides to help people protect themselves and know what to do in an incident.

© Scoop Media