The National Information Technology Development Agency has raised fresh concerns over the growing sophistication of cyber threats in Nigeria after warning that a new artificial intelligence-powered malware known as DeepLoad is actively targeting government agencies, financial institutions, businesses, and individuals across the country.

The warning, released on Wednesday through the agency’s Computer Emergency Readiness and Response Team on its X handle, points to a dangerous shift in cyberattacks, where hackers are now using artificial intelligence to quietly steal sensitive information while avoiding detection by traditional antivirus systems.

According to NITDA, DeepLoad is not the kind of malware that announces itself with obvious signs. Instead, it hides in plain sight, using fake website error messages and deceptive prompts to manipulate unsuspecting users into executing malicious commands on their devices.

Also Read: Nigeria Leads Africa in Spam Calls

“The malware is distributed through a social engineering technique involving a fake website error,” NITDA stated in its advisory.

Once activated, the malware reportedly installs itself silently and immediately begins harvesting sensitive data from infected systems, including saved passwords, browser credentials, payment details, and other personal information stored across major web browsers.

“Once executed, DeepLoad silently installs itself, harvests stored credentials and sensitive data from major browsers, and leverages artificial intelligence to evade antivirus detection,” the agency said.

What makes the threat even more alarming is its ability to survive removal attempts. NITDA disclosed that DeepLoad contains a hidden persistence mechanism powered by Windows Management Instrumentation, allowing it to reactivate itself even after users believe it has been deleted.

“Critically, the malware incorporates a hidden WMI-based persistence mechanism capable of reactivating the infection up to three days after apparent removal,” the advisory stated.

The agency described the malware as an active and serious threat already targeting Nigerian entities and urged organisations and individuals to take immediate preventive action before becoming victims.

“Given its severity and confirmed active targeting of Nigerian entities, all organisations and individuals must implement the protective measures outlined in this advisory immediately,” it added.

NITDA warned that the consequences of infection could be devastating for both individuals and institutions. For ordinary Nigerians, attackers could gain access to bank accounts, mobile money platforms, payment cards, passwords, and confidential personal documents. The agency also warned that stolen credentials could fuel identity theft and financial fraud.

For businesses and government institutions, the risks could be even more severe. NITDA noted that successful attacks could lead to operational shutdowns, expensive recovery processes, exposure of classified information, and threats to national security infrastructure.

The development comes at a time when cyberattacks against Nigerian organisations are becoming more frequent and more advanced, with cybercriminals increasingly exploiting artificial intelligence tools to bypass traditional security systems.

To reduce exposure to the malware, NITDA advised Nigerians not to copy or execute commands from unknown websites, stressing that legitimate software providers do not ask users to run suspicious commands through browser prompts or fake error pages.

The agency also cautioned against installing software from unverified USB devices and recommended that all external storage devices be properly scanned before use.

As cyber threats evolve, the warning highlights a growing reality for Nigeria’s digital space: hackers are no longer relying only on brute-force attacks. They are now using smarter, AI-driven techniques designed to deceive users quietly, stay hidden longer, and cause deeper damage before detection.

Meiza Nigeria