The National Information Technology Development Agency has issued a nationwide cybersecurity warning over a new artificial intelligence-powered malware known as DeepLoad, saying it is actively targeting Nigerian government agencies, financial institutions, businesses, and individuals.

The alert was released on Wednesday by the agency’s Computer Emergency Readiness and Response Team through its official X platform.

According to NITDA, DeepLoad is a sophisticated malware strain capable of stealing sensitive information while evading detection from traditional antivirus software.

The agency explained that the malware spreads mainly through social engineering tactics, particularly fake website error messages that trick users into running harmful commands on their devices.

“The malware is distributed through a social engineering technique involving a fake website error,” the advisory stated.

NITDA said that once activated, the malware silently installs itself and begins harvesting stored credentials and sensitive data from major web browsers.

“Once executed, DeepLoad silently installs itself, harvests stored credentials and sensitive data from major browsers, and leverages artificial intelligence to evade antivirus detection,” the agency warned.

The agency further revealed that the malware includes a hidden persistence mechanism based on Windows Management Instrumentation, allowing it to reactivate itself even after apparent removal.

“Critically, the malware incorporates a hidden WMI-based persistence mechanism capable of reactivating the infection up to three days after apparent removal,” the statement added.

NITDA described the threat as severe and urged organisations and individuals to take immediate preventive measures.

According to the agency, a successful DeepLoad infection could expose bank accounts, payment cards, mobile money services, passwords, and confidential documents to cybercriminals.

The agency also warned that the stolen information could be used for identity theft and impersonation.

For organisations, NITDA said the malware could cause operational disruptions, compromise internal systems, and expose classified government data or national infrastructure.

To reduce the risk of infection, the agency advised Nigerians not to copy or execute commands from unknown websites and warned against installing software from unverified USB drives.

Other recommendations included enabling two-factor authentication, avoiding the storage of banking passwords in browsers, reviewing browser extensions regularly, blocking suspicious domains at the firewall and DNS levels, and activating advanced system logging on Windows devices.

NITDA also urged organisations to strengthen cybersecurity awareness among staff, monitor systems for hidden persistence mechanisms, and immediately isolate suspected infected devices from the internet.

The agency advised that all confirmed or suspected incidents should be reported promptly, while affected passwords are reset using secure devices and internal response procedures are activated immediately.