NCC Sends Warning to Nigerians on the Use of TikTok, Explains How Hackers Steal Users’ Personal Information

NCC Sends Warning to Nigerians on the Use of TikTok, Explains How Hackers Steal Users’ Personal Information

  • The Nigerian Communications Commission has sent a note of warning to Nigerians on the use of TikTok
  • The popular messaging app, which reports show has over 49 million Nigerian users, is now used to steal information
  • NCC released the warning in its latest CSIRT advisory to keep internet users in Nigeria safe

PAY ATTENTION: How media literate are you? Click to take a quiz – bust fake news with Legit.ng!

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has warned about the potential harm of using TikTok.

The commission specifically advised Nigerians taking part in the Invisible Challenge on the short-form video hosting service.

According to NCC, the Invisible Challenge on TikTok exposes users' devices to Information-Stealing Malware.

NCC tiktok users in Nigeria
NCC sends warning on use of TikTok Credit: @NCC
Source: Facebook

What is NCC warning on Tiktok usage

The NCC-CSIRT advisory revealed that threat actors had taken advantage of a viral TikTok challenge, known as the Invisible Challenge, to disseminate an information-stealing malware known as the WASP (or W4SP) stealer.

Read also

Three men arrested for hacking POS portal to steal N16 million

PAY ATTENTION: Follow us on Instagram - get the most important news directly in your favourite app!

The WASP stealer, which is high in probability with critical damage potential, is a persistent malware hosted on discord that its developer claim is undetectable.

The advisory reads:

“The Invisible Challenge involves wrapping a somewhat transparent body contouring filter around a presumed naked individual. Attackers upload videos to TikTok with a link to software that they claim can reverse the filter’s effects.
“Those who click on the link and attempt downloading the software, known as “unfilter,” are infected with the WASP stealer. Suspended accounts had amassed over a million views after initially posting the videos with a link.
"Following the link leads to the “Space Unfilter” Discord server, which had 32,000 members at its peak but has since been removed by its creators."

NCC also explained further that successful installation will allow the malware to harvest keystrokes, screenshots, network activity, and other information from devices where it is installed.

Read also

2022/2023 Prof Kwame Karikari Fact-Checking Fellowship begins, 21 journalists to go through 4-day training

It continues:

"It may also covertly monitor user behaviour and harvest Personally Identifiable Information (PII), including names and passwords, keystrokes from emails, chat programs, websites visited, and financial activity. This malware may be capable of covertly collecting screenshots, video recordings or the ability to activate any connected camera or microphone.
"Avoiding clicking on suspicious links, using anti-malware software on your devices, checking the app tray and uninstalling any apps you do not remember installing or that are inactive, and adopting good password hygiene practices, such as using a password manager, are some ways to prevent such an attack, according to the team.

NCC reveals list of mobile phones Nigerians must not buy or use

In another report, Legit.ng has revealed that the Nigerian Communications Commission (NCC) released a list of unapproved phones that Nigerians are not permitted to purchase or use.

The commission also advised against using the mentioned gadgets and warned against counterfeits.

Read also

Apple faces critics over its privacy policies

Most of the phones listed are available in the market and can be purchased for as little as N2,000.

Source: Legit.ng

Online view pixel