Tag:

Nigerian Communications Commission

Five Chrome Extensions Stealing User Information – NCC Warns

by Folarin Kehinde September 16, 2022

written by Folarin Kehinde

The Nigerian Communications Commission (NCC) has identified five malicious chrome extensions that they urge Nigerians to delete immediately.

According to the commission, the extensions surreptitiously track online browser activities and steal users’ data.

These extensions were identified by the Computer Security Incident Response Team of the NCC (NCC – CSIRT) and announced it on their website at ncc.gov.ng.

The five malicious extensions are McAfee Mobile, Netflix Party, Netflix Party, Full Page Screenshot Capture Screenshotting, FlipShope Price Tracker Extension, and AutoBuy Flash Sales.

These extensions have been downloaded over 1 million times at the time of writing this report. Their sole intentions are to steal user data and monitor their online activities.

According to NCC-CSIRT the five google chrome extensions identified have a high probability and damage potential, have been downloaded more than 1.4 million times, and serve as access to steal users’ data.

Part of the advisory from NCC reads: “The users of these chrome extensions are unaware of their invasive functionality and privacy risk.

Malicious extensions monitor victims’ visits to e-commerce websites and modify the visitor’s cookie to appear as if they came through a referrer link.

Consequently, the extensions’ developers get an affiliate fee for any purchases at electronic shops.

NCC also stated that although the google team removed several browser extensions from its Chrome Web Store, keeping malicious extensions out may be difficult.

The NCC-CSIRT, thus, recommended that telecom consumers observe caution when installing any browser extension.

These include removing all listed extensions from their chrome browser manually. Internet users are to pay close attention to the promptings from their browser extensions, such as the permission to run on any website visited and the data requested before installing it.

Although, some extensions are seemingly legit, due to the high number of user downloads, these hazardous add-ons make it imperative for users to ascertain the authenticity of extensions they access.

September 16, 2022 0 comments

Headlines

NCC Cautions Nigerians against TangleBot Malware Unleashed by Cybercriminals

by Folarin Kehinde January 31, 2022

written by Folarin Kehinde

The Nigerian Communications Commission (NCC) says mobile users should practice safe messaging practices and avoid clicking on suspicious links in texts.

The Nigerian Communications Commission (NCC), again, has been informed of a new high-risk, critical and Short Messaging Service-based malware, TangleBot, infecting Android mobile devices.

TangleBot employs more or less similar tactics as the recently-announced notorious FlutBot SMS Android malware that targets mobile devices. TangleBot equally gains control of the device but in far more invasive manner than the FlutBot malware.

The disclosure on TangleBot was made in a recent security advisory made available to the Commission’s New Media and Information Security Department by the Nigerian Computer Emergency Response Team (ngCERT).

TangleBot Android malware is installed when an unsuspecting user clicks on a malicious link disguised as COVID-19 vaccination appointment-related information in an SMS message or information about fake local power outages that are due to occur.

The aim behind both or either of the messages (on COVID-19 or impending power outages) is to encourage potential victims to follow a link that supposedly offers detailed information.

Once at the page, users are asked to update applications such as Adobe Flash Player to view the page’s content by going through nine (9) dialogue boxes to give acceptance to different permissions that will allow the malware operators initiate the malware configuration process.

The immediate consequence to this, is that TangleBot gains access to several different permissions when installed on a device, allowing it to eavesdrop on user communications.

The malware then steals sensitive data stored on the device and monitors almost every user activity, including camera use, audio conversations, and location, among other things.

Furthermore, the malware takes complete control of the targeted device, including access to banking data, and can reach the deepest recesses of the Android operating system.

The NCC, therefore, wishes to, once again, urge millions of telecom consumers in Nigeria to be wary of such wiles of cyber criminals, whose intent is to defraud unsuspecting Internet users.

In order to ensure maximum protection for Internet users in the country, the ngCERT has offered a number of preventive measures to be taken by the consumers.

These measures include an advisory to telecom consumers and other Internet users to refrain from opening Uniform Resource Locators (URLs) from unknown sources while using your mobile devices.

Additionally, telecom consumers should never respond or send reply to messages or call back a phone number that is associated with the text that they are unaware of. Should any telecom consumer or Internet user become curious and wish to ascertain the authenticity of any call or messages and wish to probe the incident, such persons may do a web search of both the number and the message content.

The NCC hereby reiterates that mobile users are under obligation to practice safe messaging practices and avoid clicking on any links in texts, even if they appear to come from a legitimate contact. Indeed, it is important to be judicious when downloading apps by reading install prompts closely, looking out for information regarding rights and privileges that the app may request.

Other risk-mitigating measures advised by ngCERT is for users to be cautious of procuring any software from outside a certified app store. Advisedly, it is safer to call the company directly rather than using the phone number on the message received, especially if the message is spoofing a company.

Finally, telecom consumers and other Internet users should report any incident of system compromise to ngCERT via incident@cert.gov.ng for necessary support and technical assistance.

The Commission expresses its commitment to continuously inform and educate mobile telephony subscribers and Internet users in Nigeria, on cyber risks, however they may manifest.

This is to insulate them from the dangers and losses arising from cybercrimes of any kind.

January 31, 2022 0 comments

Headlines

NIN: FG Extends SIM Connection Deadline for the 8th time

by Folarin Kehinde October 30, 2021

written by Folarin Kehinde

The federal government has again extended the deadline for phone users to link their lines with their National Identity Numbers (NIN).

The deadline was to elapse on Sunday October 31, but the government has moved it to end of the year.

This was disclosed in a statement jointly signed by the spokespersons of the Nigerian Communications Commission (NCC), Ikechukwu Adinde, and the National Identity Management Commission (NIMC), Kayode Adegoke.

It is the eighth time the government would shift the deadline for the registration since it mandated compulsory registration and linkage in December 2020.

“The decision to extend the deadline was made further to appeals by the Mobile Network Operators and other industry stakeholders, soliciting for a further extension to ensure better compliance with government’s directive and to avoid widening the digital divide,” the statement said.

“The extension would also provide the enabling environment for the registration of Nigerians in remote areas, diaspora, schools, hospitals, worship centres, as well as foreigners, diplomatic missions, those in other areas that were hitherto unreachable, and increase enrolments in countries with a significant number of Nigerians.”

It said the review of the progress of the exercise indicated that over 66 million unique National Identity Numbers (NIN) had been issued- an indication of progress achieved in the ongoing NIN-SIM linkage.

“However, a significant part of the populace is yet to be registered into the National Identity Database (NIDB), which may be due to some challenges which the Federal Government has looked into and has made efforts to alleviate, hence the need to extend the deadline,” it said.

It said as of October 30, there were over 9,500 enrolment systems and over 8,000 NIN enrolment centres within and outside the country- this has significantly eased the NIN enrolment process and subsequent linkage of NIN to SIM.

October 30, 2021 0 comments

Headlines

NCC Alert Nigerians on virus that steals Banking Details

by Folarin Kehinde October 24, 2021

written by Folarin Kehinde

The Nigerian Communications Commission has alerted millions of Nigerian telecom consumers of the existence of new, high-risk, and extremely damaging, Malware called Flubot.

The commission warns that the virus steals banking details from devices.

This was contained in a press statement by the commission titled, ‘NCC alerts telecom consumers on Flubot Malware… Lists measures to guard against attack.”

NCC noted that according to the information received from the Nigeria Computer Emergency Response Team, Flubot “targets Androids with fake security updates and App installations”.

How the virus works

The statement quoted ngCERT as affirming that Flubot “impersonates Android mobile banking applications to draw fake web view on targeted applications and its goal transcends stealing personal data and essentially targets stealing of credit card details or online banking credentials.

“FluBot is circulated through Short Message Service and can snoop “on incoming notifications, initiate calls, read or write SMSes, and transmit the victim’s contact list to its control centre.”

“This malware attacks Android devices by pretending to be “FedEx, DHL, Correos, and Chrome applications” and compels unsuspecting users to alter the accessibility configurations on their devices in order to maintain a continuous presence on devices.

“The new malware undermines the security of devices by copying fake login screens of prominent banks, and the moment the users enter their login details on the fake pages, their data is harvested and transmitted to the malware operators’ control point from where the data is exploited by intercepting banking-related One Time Passwords and replacing the default SMS app on the targeted Android device.

“Consequently, it secures admittance into the device through SMS and proceeds to transmit similar messages to other contacts that may be on the device it has attacked enticing them into downloading the fake app.

“It suffices to say that, when Flubot infects a device, it can result in incalculable financial losses. Additionally, the malware creates a backdoor which grants access to the user’s device, thus enabling the invader or attacker to perform other criminal actions, including launching other variants of malware.”

The NCC hereby wishes to reiterate the advisory of ngCERT as follows:

In view of this discovery and understanding of the process by which this malware operates, and in order to protect millions of telecom consumers and prevent criminal forces, irrespective of location, from using telecom platforms to perpetrate fraud and irredeemable damages, the NCC advised that:

Do not click on the link if you receive a suspicious text message, and do not install any app or security update the page asks you to install.
Use updated antivirus software that detects and prevents malware infections.
Apply critical patches to the system and application.
Use strong passwords and enable Two-Factor Authentication (2FA) over logins.
Back-up your data regularly.
If you have been affected by this campaign, you should reset your device to factory mode as soon as possible. This will delete any data on your phone, including personal data.
Do not restore from backups created after installing the app. You may contact ngCERT on incident@cert.gov.ng for technical assistance.
You will also need to change the passwords to all of your online accounts, with urgency, around your online bank accounts.
If you have concerns that your accounts may have been accessed by unauthorised people, contact your bank immediately.

October 24, 2021 0 comments

Headlines

NCC Extends MTN’s Licences by 10 years

by Folarin Kehinde September 8, 2021

written by Folarin Kehinde

The Nigerian Communications Commission (NCC) has renewed the license of MTN for a period of ten years.

The telecom company said this in a statement on Wednesday.

MTN said the NCC has renewed its Unified Access Service (UAS) licence and spectrum licence for wireless local loop in the 900 MHz and 1 800 MHz band.

MTN’s operation licences had expired on 31 August, but it said the licence renewal took effect from September 1.

MTN paid N71.6bn for the spectrum licence and N374.6m for the UAS licence, the telecoms firm announced.

The amount is in settlement of their invoices for a ten years period beginning 1st of September 2021 to 31 August, 2031.

MTN Nigeria CEO Karl Toriola said ,”Renewing our licences for another ten years is very important to our business and enables us to continue to provide services to ensure the benefits of a modern connected life for our people.”

September 8, 2021 0 comments