NCC warns against Google Chrome extensions malware
The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has warned against five malicious Google Chrome extensions that surreptitiously track online browsers’ activities and steal their data.
NCC’s Director of Public Affairs (DPA), Reuben Muoka, made this known in a statement on Saturday in Abuja, saying that the five malicious extensions were discovered by the McAfee Mobile Research Team.
He said that they include Netflix Party with 800,000 downloads, Netflix Party 2 with 300,000 downloads, as well as Full Page Screenshot Capture Screenshotting with 200,000 downloads.
Others are FlipShope Price Tracker Extension with 80,000 downloads and AutoBuy Flash Sales with 20,000 downloads.
“The five google chrome extensions identified have a high probability, damage potential and have been downloaded more than 1.4 million times, while they serve as access to steal users’ data.
“The telecom sector-focused cybersecurity protection team alerted telecom consumers to be cautious when installing any browser extension. The users of these chrome extensions are unaware of their invasive functionality and privacy risk.
“Malicious extensions monitor victims’ visits to e-commerce websites and modify the visitor’s cookie to appear as if they came through a referrer link.
“Consequently, the extensions’ developers get an affiliate fee for any purchases at electronic shops,” he said.
The DPA stated that, although the Google team removed several browser extensions from its Chrome Web Store, keeping malicious extensions out may be difficult.
He, however, said that the NCC-CSIRT, thus, recommended that telecom consumers observe caution when installing any browser extension.
“This include removing all listed extensions from their chrome browser manually. Internet users are to pay close attention to the promptings from their browser extensions, such as the permission to run on any website visited and the data requested before installing it.
“Although some extensions are seemingly legit due to the high number of user downloads, these hazardous add-ons make it imperative for users to ascertain the authenticity of extensions they access,” Mr Mouka said.
Mouka stated that Google Chrome extensions were software programmes that can be installed into Chrome in order to change the browsers’ functionality.
“This includes adding new features to Chrome or modifying the existing behaviour of the program itself to make it more convenient for the user.
“They serve purposes such as block ads, integration with password managers and sourcing coupons as items sent to a shopping cart,” he added.
The Computer Security Incident Response Team (CSIRT) is the telecom sector’s cyber security incidence centre set up by the NCC, which focuses on incidents in the telecom sector as they may affect consumers and citizens at large.
We have recently deactivated our website's comment provider in favour of other channels of distribution and commentary. We encourage you to join the conversation on our stories via our Facebook, Twitter and other social media pages.
More from Peoples Gazette
Mr Tinubu urged the people to be “wise and discerning” as they prepared to choose the country’s next president, in the 2023 general election.
Benzema won the La Liga Santander Pichichi Trophy, Di Stefano Trophy and the Hyundai Supporters’ MVP Trophy.
Majority of Tinubu Support Organisations thronged the venue in their numbers bearing all manners of placards and banners.
The journalists and the officials were on their way from a free medical outreach in the riverine communities when they were attacked at Odofado.
He promised to address Nigeria’s numerous challenges, if eventually elected as Nigeria’s president in 2023.
Mr Aregbesola urged Nigerians to use the occasion of the celebration to think about the challenges facing the nation.