Business
NCC warns Nigerians against Google Chrome extensions malware
The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has identified five malicious Google Chrome Extensions that surreptitiously track online browser’s activities and steal their data.
Google Chrome extensions are software programs that can be installed into Chrome in order to change the browser’s functionality. This includes adding new features to Chrome or modifying the existing behavior of the program itself to make it more convenient for the user.
They serve purposes such as block ads, integration with password managers, and sourcing coupons as items sent to a shopping cart.
According to NCC-CSIRT, the five malicious extensions the McAfee Mobile Research Team discovered earlier are Netflix Party with 800,000 downloads, Netflix Party 2 with 300,000 downloads, and Full Page Screenshot Capture Screenshotting with 200,000 downloads, FlipShope Price Tracker Extension with 80,000 downloads, and AutoBuy Flash Sales with 20,000 downloads.
The NCC-CSIRT said the five google chrome extensions identified have a high probability and damage potential and have been downloaded more than 1.4 million times and serve as access to steal users’ data. The telecom sector-focused cybersecurity protection team alerted telecom consumers to be cautious when installing any browser extension.
READ ALSO: NCC issues new ITR for implementation telecoms industry
The NCC-CSIRT in an advisory issued today said: “The users of these chrome extensions are unaware of their invasive functionality and privacy risk. Malicious extensions monitor victims’ visits to e-commerce websites and modify the visitor’s cookie to appear as if they came through a referrer link. Consequently, the extensions’ developers get an affiliate fee for any purchases at electronic shops.”
In addition, the advisory stated that, although the google team removed several browser extensions from its Chrome Web Store, keeping malicious extensions out may be difficult. The NCC-CSIRT, thus, recommended that telecom consumers observe caution when installing any browser extension.
“These include removing all listed extensions from their chrome browser manually. Internet users are to pay close attention to the promptings from their browser extensions, such as the permission to run on any website visited and the data requested before installing it. Although some extensions are seemingly legit, due to the high number of user downloads, these hazardous add-ons make it imperative for users to ascertain the authenticity of extensions they access,” the advisory stated.
The Computer Security Incident Response Team (CSIRT) is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.
-
Latest1 week agoAPC’s Asogwa wins Enugu North senatorial by-election by wide margin
-
Politics1 week agoPRP presidential primary heads to court as aspirant challenges Donald Duke’s nomination
-
Politics1 week agoWike-backed Lagos PDP extends olive branch to Bode George ahead of 2027 realignment
-
Latest5 days agoAlleged xenophobic attack claims life of Malawian street vendor in South Africa
-
Football2 days agoAfrica breaks World Cup record with seven teams in knockout stage
-
Latest7 days agoTroops close in on forest hideout as search continues for abducted Oyo schoolchildren
-
Energy1 week agoGlobal oil prices fall after U.S.–Iran talks
-
Aviation6 days agoHeading through the storm: Multiple taxes, complex leasing drag on Nigerian carriers