Nigerian users of Google Chrome are being advised to update their browsers urgently following the discovery of a serious security flaw. The vulnerability, identified as CVE-2024-7971, has been flagged as a critical threat by the National Information Technology Development Agency (NITDA), through its Emergency Readiness and Response Team (CERRT). This flaw is reportedly being actively exploited by cyber attackers, putting millions of online users at risk.
The vulnerability, known as a “zero-day” exploit, targets Google Chrome’s V8 JavaScript engine, which handles the processing of JavaScript files. This flaw, categorized as a type confusion error, can allow attackers to run malicious programs on devices that haven’t been updated with the latest security patches.
NITDA warns that the flaw could lead to severe consequences, including full system control by hackers, data breaches, and even system crashes. “This vulnerability enables attackers to potentially take full control of affected systems by exploiting memory corruption caused by misinterpretation of data types,” NITDA explained.
What makes this vulnerability particularly dangerous is that it can be triggered by something as simple as visiting a compromised or malicious website. Once activated, it could bypass security protocols, execute harmful code, and disrupt system operations.
While the global extent of the damage caused by this vulnerability has not been fully disclosed, Microsoft has notified those who were “targeted and compromised.” However, all Chrome users, including those in Nigeria, are urged to act immediately by updating their browsers.
Beyond Google Chrome, the warning also extends to users of Chromium-based browsers like Brave, Microsoft Edge, Opera, and Vivaldi. NITDA recommends updating these browsers as soon as new security patches become available to minimize the risk of exploitation.
Cyberattacks have been on the rise in Nigeria, and this recent vulnerability adds to a growing list of threats. In April 2024, Nigerian fintech company Flutterwave suffered a major security breach, losing ₦11 billion ($7.2 million) in funds. The attackers transferred small amounts of money across multiple accounts, evading fraud detection mechanisms.
Incidents like this highlight the urgent need for heightened cybersecurity measures in the country. As more Nigerians engage in online transactions, they become more vulnerable to these kinds of attacks, leading to significant financial and data losses.
In response to the growing threat of cybercrime, Nigeria has ramped up efforts to protect its digital space. In July 2023, NITDA announced a partnership with the Chartered Institute of Forensic and Certified Fraud Investigators of Nigeria (CIFCFIN) to establish a cybersecurity lab in 2024. This lab will be dedicated to researching and preventing cybercrime in Nigeria.
Additionally, the Lagos State Government launched a Cybersecurity Operations Centre (CSOC) in May 2024. The CSOC is designed to protect the state’s digital infrastructure from cyber threats and ensure the safety of online transactions for businesses and individuals
To mitigate the risks posed by this vulnerability, Google Chrome users are strongly encouraged to Update their browsers immediately to the latest version, Check for updates on other Chromium-based browsers such as Brave, Microsoft Edge, Opera, and Vivaldi, Avoid visiting suspicious websites or clicking on unknown links until the update is applied.
As cyber threats continue to evolve, Nigerian internet users must stay vigilant and proactive in safeguarding their devices and personal information. Updating browsers and software regularly remains one of the simplest yet most effective ways to avoid falling victim to these increasingly sophisticated cyberattacks.
By acting now, Chrome users in Nigeria can protect themselves from a potential disaster that could result in compromised personal data, financial loss, and even system failures. Stay safe, stay updated.