The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT), has warned against five malicious Google Chrome extensions that surreptitiously track online browsers’ activities and steal their data.
NCC’s Director of Public Affairs (DPA), Mr Reuben Muoka, disclosed this in a statement on Saturday in Abuja.
Muoka said that the five malicious extensions were discovered by the McAfee mobile research team.
He said that they include Netflix Party with 800,000 downloads, Netflix Party 2 with 300,000 downloads, as well as full page screenshot capture screenshotting with 200,000 downloads.
Others are; flipShope price tracker extension with 80,000 downloads and autobuy flash sales with 20,000 downloads.
“The five google chrome extensions identified have a high probability, damage potential and have been downloaded more than 1.4 million times, while they serve as access to steal users’ data.
“The telecom sector-focused cybersecurity protection team alerted telecom consumers to be cautious when installing any browser extension.
“The users of these chrome extensions are unaware of their invasive functionality and privacy risk.
“Malicious extensions monitor victims’ visits to e-commerce websites and modify the visitor’s cookie to appear as if they came through a referrer link.
“Consequently, the extensions’ developers get an affiliate fee for any purchases at electronic shops,” he said.
The DPA stated that, although the google team removed several browser extensions from its Chrome Web Store, keeping malicious extensions out may be difficult.
He, however, said that the NCC-CSIRT, thus, recommended that telecom consumers observe caution when installing any browser extension.
