NCC WARNS NIGERIANS ABOUT NEW WAYS FOR HACKERS TO STEAL DATA VIA GOOGLE CHROME

The Nigerian Communications Commission's Computer Security Incident Response Team (NCC-CSIRT) has identified five malicious Google Chrome Extensions that secretly track and steal data from online browsers.

This was stated in a statement signed by Reuben Muoka, the Commission's Director of Public Affairs.

According to the NCC-CSIRT, the five malicious extensions previously discovered by the McAfee Mobile Research Team are Netflix Party (800,000 downloads), Netflix Party 2 (300,000 downloads), Full Page Screenshot Capture Screenshotting (200,000 downloads), FlipShope Price Tracker Extension (80,000 downloads), and AutoBuy Flash Sales (20,000 downloads).

According to the NCC-CSIRT, the five identified Google Chrome extensions have a high probability and damage potential, have been downloaded more than 1.4 million times, and serve as access to steal users' data. The telecom cybersecurity protection team warned telecom customers to be cautious when installing any browser extension.

"These chrome extensions' users are unaware of their invasive functionality and privacy risk. Malicious extensions track victims' visits to e-commerce websites and change the visitor's cookie to make it appear as if they arrived via a referrer link. As a result, the developers of the extensions receive an affiliate fee for any purchases made at electronic stores "According to the advisory.

In addition, the advisory stated that, although the google team removed several browser extensions from its Chrome Web Store, keeping malicious extensions out may be difficult. As a result, the NCC-CSIRT advised telecom customers to exercise caution when installing any browser extension.

"These include manually removing all listed extensions from their Chrome browser. Before installing a browser extension, users should pay close attention to the prompts, such as the permission to run on any website visited and the data requested. Although some extensions appear to be legitimate, due to the large number of user downloads, these dangerous add-ons make it critical for users to verify the authenticity of extensions they access "According to the advisory.

Google Chrome extensions are software programs that can be installed in Chrome to change the functionality of the browser. This includes adding new features to Chrome or changing the program's existing behavior to make it more user-friendly. They perform functions such as ad blocking, password manager integration, and coupon sourcing as items added to a shopping cart.

The NCC established the Computer Security Incident Response Team (CSIRT) as the telecom sector's cyber security incident center to focus on incidents in the telecom sector that may affect telecom consumers and citizens at large.