Tripoli: The Internal Security Agency warned today against downloading, opening, or extracting any files that are said to be leaked from the Central Bank of Libya (CBL) and are being shared on the dark web or from untrusted sources, stating that technical checks have shown that many of these files have malware used by cybercriminals to attack new institutions and devices.
According to Libyan News Agency, technical examinations and analyses conducted by the agency's specialists revealed that while some files appear legitimate and contain genuine data, they also contain malicious components that could grant attackers unauthorized access to targeted systems or lead to device compromise. The agency emphasized that the circulation of such files could be a means of spreading cyber infection, not merely a data leak.
The agency has called on sovereign and governmental bodies, banks, and both public and private companies to refrain from downloading or opening any files obtained from dark web sites or untrusted sources. It warned of the serious security risks that may result from handling them without following secure technical procedures.
Additionally, the agency urged public sector employees who have downloaded any of these files, whether on work devices or personal devices used to access workplace networks, to immediately notify their IT departments or cybersecurity teams. Employees are advised not to delete, open, or attempt to examine the files themselves, to enable specialists to take the necessary technical measures to contain any potential threat.
The agency emphasized that some modern malware operates covertly for extended periods without any direct signs of infection. Such malware can gather information, steal login credentials, and reconnoiter the network environment before executing subsequent attack phases, including disabling systems, encrypting data, or stealing it.
The agency further indicated that its incident response and digital forensics teams are continuing their technical work to investigate the cyber incident targeting the CBL. They are also monitoring any attempts to exploit the leaked files to launch new attacks against state institutions. The agency reiterates its warning against sharing these documents on social media with the intent to defame, as such actions could result in legal repercussions.