Remove These Apps Now, They Steal Users Information-NCC Warns

The Nigerian Communications Commission (NCC) has warned Nigerians to remove 5 Google Chrome extensions because they are stealing users information.

The Google Chrome extensions in question are:

1. McAfee Mobile

McAfee Mobile is a security Chrome extension that claims to protect your Android phone from viruses and malware.

McAfee Mobile is actually a third-party app. It’s not developed by McAfee, the well-known antivirus software company. Instead, it was created by an unknown developer who uses McAfee’s logo in its name and even uses the same red shield icon.

In some cases, McAfee Mobile has been found to collect sensitive information from users’ devices without their consent and sell it to third parties.

2. Netflix Party and Netflix Party 2

These two extensions were created by the same developer and they were supposed to be used to watch videos with your friends and chat together at the same time. However, they also have the ability to steal users’ personal information.

The apps have been blacklisted from the Chrome extensions store but if you have one installed on your phone, we advise that you delete it immediately.

3. Full Page Screenshot Capture

Full Page Screenshot Capture is another extension that has been flagged by the NCC. Users should be aware that this extension can record their keystrokes and capture their screen without their consent.

4. FlipShope Price Tracker

FlipShope is a price-tracking extension that allows users to monitor prices of different products on Amazon and Flipkart, as well as other e-commerce sites. However, NCC has discovered that it is also stealing user data.

5. AutoBuy Flash

AutoBuy Flash is a malicious Chrome extension that targets online shopping websites such as eBay, Amazon, Best Buy and Walmart. The extension adds an “Order Now” button on these websites when you visit them for the first time.

Once you click this button, AutoBuy Flash automatically fills out your billing information and credit card number along with other personal data such as home address and telephone number.

The data is then sent to the developers of this malware via HTTP POST requests over an encrypted connection using TLS 1.2 protocol. This enables them to steal user information without having any access to their private data.

NCC also said that these extensions have been installed more than 1.4 million times, The statement said:

“The users of these chrome extensions are unaware of their invasive functionality and privacy risk. Malicious extensions monitor victims’ visits to e-commerce websites and modify the visitor’s cookie to appear as if they came through a referrer link. Consequently, the extensions’ developers get an affiliate fee for any purchases at electronic shops,”

“These include removing all listed extensions from their chrome browser manually. Internet users are to pay close attention to the promptings from their browser extensions, such as the permission to run on any website visited and the data requested before installing it.”

“Although, some extensions are seemingly legit, due to the high number of user downloads, these hazardous add-ons make it imperative for users to ascertain the authenticity of extensions they access. Read more: Although, some extensions are seemingly legit, due to the high number of user downloads, these hazardous add-ons make it imperative for users to ascertain the authenticity of extensions they access.”

NCC also suggested that people should read reviews about an extension before downloading it because they could reveal whether it is legitimate or not before installing it on their devices.

Scroll to Top