NCC Sends Warning to Nigerians on the Use of TikTok, Explains How Hackers Steal Users’ Personal Information
- The Nigerian Communications Commission has sent a note of warning to Nigerians on the use of TikTok
- The popular messaging app, which reports show has over 49 million Nigerian users, is now used to steal information
- NCC released the warning in its latest CSIRT advisory to keep internet users in Nigeria safe
PAY ATTENTION: How media literate are you? Click to take a quiz – bust fake news with Legit.ng!
The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has warned about the potential harm of using TikTok.
The commission specifically advised Nigerians taking part in the Invisible Challenge on the short-form video hosting service.
According to NCC, the Invisible Challenge on TikTok exposes users' devices to Information-Stealing Malware.
What is NCC warning on Tiktok usage
The NCC-CSIRT advisory revealed that threat actors had taken advantage of a viral TikTok challenge, known as the Invisible Challenge, to disseminate an information-stealing malware known as the WASP (or W4SP) stealer.
PAY ATTENTION: Follow us on Instagram - get the most important news directly in your favourite app!
The WASP stealer, which is high in probability with critical damage potential, is a persistent malware hosted on discord that its developer claim is undetectable.
The advisory reads:
“The Invisible Challenge involves wrapping a somewhat transparent body contouring filter around a presumed naked individual. Attackers upload videos to TikTok with a link to software that they claim can reverse the filter’s effects.
“Those who click on the link and attempt downloading the software, known as “unfilter,” are infected with the WASP stealer. Suspended accounts had amassed over a million views after initially posting the videos with a link.
"Following the link leads to the “Space Unfilter” Discord server, which had 32,000 members at its peak but has since been removed by its creators."
NCC also explained further that successful installation will allow the malware to harvest keystrokes, screenshots, network activity, and other information from devices where it is installed.
2022/2023 Prof Kwame Karikari Fact-Checking Fellowship begins, 21 journalists to go through 4-day training
It continues:
"It may also covertly monitor user behaviour and harvest Personally Identifiable Information (PII), including names and passwords, keystrokes from emails, chat programs, websites visited, and financial activity. This malware may be capable of covertly collecting screenshots, video recordings or the ability to activate any connected camera or microphone.
"Avoiding clicking on suspicious links, using anti-malware software on your devices, checking the app tray and uninstalling any apps you do not remember installing or that are inactive, and adopting good password hygiene practices, such as using a password manager, are some ways to prevent such an attack, according to the team.
NCC reveals list of mobile phones Nigerians must not buy or use
In another report, Legit.ng has revealed that the Nigerian Communications Commission (NCC) released a list of unapproved phones that Nigerians are not permitted to purchase or use.
The commission also advised against using the mentioned gadgets and warned against counterfeits.
Most of the phones listed are available in the market and can be purchased for as little as N2,000.
Source: Legit.ng