Home Community Insights NCC Issues Warning About Five Google Chrome Extension Malware

NCC Issues Warning About Five Google Chrome Extension Malware

NCC Issues Warning About Five Google Chrome Extension Malware
A computer screen with program code warning of a detected malware script program. 3d illustration

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has issued a warning about browser-based malware.

The CSIRT, the telecom sector’s cyber security incidence centre set up by the NCC to oversee and address issues affecting consumers in the telecom industry, identified five malicious Google Chrome Extensions that surreptitiously track online browser’s activities and steal their data, according to a statement issued yesterday by the NCC’s director of public affairs, Reuben Mouka.

The identified five malicious extensions were earlier discovered by the McAfee Mobile Research Team. There are as follows: Netflix Party with 800,000 downloads, Netflix Party 2 with 300,000 downloads, Full Page Screenshot Capture Screenshotting with 200,000 downloads, FlipShope Price Tracker Extension with 80,000 downloads, and AutoBuy Flash Sales with 20,000 downloads.

Tekedia Mini-MBA edition 16 (Feb 10 – May 3, 2025) opens registrations; register today for early bird discounts.

Tekedia AI in Business Masterclass opens registrations here.

Join Tekedia Capital Syndicate and invest in Africa’s finest startups here.

The NCC-CSIRT said the five google chrome extensions identified have a high probability and damage potential and have been downloaded more than 1.4 million times and serve as access to steal users’ data. The telecom sector-focused cybersecurity protection team alerted telecom consumers to be cautious when installing any browser extension.

“The users of these chrome extensions are unaware of their invasive functionality and privacy risk. Malicious extensions monitor victims’ visits to e-commerce websites and modify the visitor’s cookie to appear as if they came through a referrer link. Consequently, the extensions’ developers get an affiliate fee for any purchases at electronic shops,” the advisory said.

In addition, the advisory stated that, although the google team removed several browser extensions from its Chrome Web Store, keeping malicious extensions out may be difficult. The NCC-CSIRT, thus, recommended that telecom consumers observe caution when installing any browser extension.

“These include removing all listed extensions from their chrome browser manually. Internet users are to pay close attention to the promptings from their browser extensions, such as the permission to run on any website visited and the data requested before installing it. Although some extensions are seemingly legit, due to the high number of user downloads, these hazardous add-ons make it imperative for users to ascertain the authenticity of extensions they access.” the advisory stated.

Google Chrome extensions are software programmes that can be installed into Chrome in order to change the browser’s functionality. This includes adding new features to Chrome or modifying the existing behavior of the program itself to make it more convenient for the user. They serve purposes such as block ads, integration with password managers and sourcing coupons as items sent to a shopping cart.

The latest warning has added to the flames of malware attacks that have seen an uptick in recent times. In 2021, there was an alarming 105% surge in ransomware cyberattacks across the globe.

Governments were the most attacked with a worldwide increase of 1,885% while the healthcare industry saw a 755% increase in those attacks in 2021, according to the 2022 Cyber Threat Report released by SonicWall, an internet cybersecurity company.

The attacks, which are designed to cripple people or businesses by making their computer systems unusable until they pay ransom, has become one of the biggest threats to online businesses. The increase in ransomware was attributed to the covid-induced shift to remote work and company employees working outside their office networks. The first half of 2022 has seen only 11% increase, following the reopening of offices.

No posts to display

Post Comment

Please enter your comment!
Please enter your name here