Two Cyber Vulnerabilities Found by NCC-CSIRT

The Nigerian Communications Commission’s Cyber Security Incident Response Team (NCC-CSIRT) detected two cyber vulnerabilities independently and advised Nigerian telecom customers on how to defend themselves from cyber-attacks.

In its first-ever security advisories, issued less than three months after its inception, the CSIRT independently identified two attack techniques aimed at consumers and offered measures to protect telecom customers from both vulnerabilities.

The first is known as Juice Jacking, and it involves gaining access to consumers’ devices while charging their phones at public charging stations. It affects all mobile phones. The other vulnerability is a Facebook for Android Friend Acceptance Vulnerability, which exclusively affects Android users.

According to CSIRT security advisory 0001, issued on January 26, 2022, attackers have found a new way, known as Juice Jacking, to gain unauthorised access to unsuspecting mobile phone users’ devices when they charge their phones at public charging stations.

In order to improve customer service, many public venues, restaurants, shops, and even public trains provide complimentary services, one of which is charging connections or sockets.

An attacker, however, may abuse this convenience by loading a payload into the charging station itself or onto cables they leave plugged in at the station.

The payload is automatically installed on the victim’s phone whenever they plug it into the compromised charging station or the cable left by the attacker. This payload grants the attacker direct access to the phone, allowing them to monitor data sent as text or captured as audio via the microphone. If the victim’s camera is not covered, the attacker can even watch them in real time. The attacker also has full access to the phone’s gallery and GPS position.

When an attacker gains remote access to a user’s mobile phone, they compromise the user’s privacy, violate data integrity, and bypass authentication mechanisms. A sudden jump in battery use, slower-than-usual device performance, apps that take a long time to launch and then crash frequently, and irregular data usage are all possible symptoms of such an attack.

To counter this, the NCC-CSIRT recommends avoiding Universal Serial Bus (USB) data connections by using a “charging only” USB cable, using one’s own AC charging adaptor in public places, and not extending trust to portable devices that prompt for a USB data connection.

Other anti-Juice Jacking measures include installing antivirus software and keeping it up to date with the latest definitions; keeping mobile devices up to date with the latest patches; using one’s own power bank; and charging in public places only with one’s own charger.

Separately, the NCC-CSIRT Advisory 0001 of January 27, 2022, cautions that Facebook for Android is affected by a permission vulnerability that allows anyone with physical access to the phone to accept friend requests without unlocking it. Version 329.0.0.29.120 on Android is listed among the affected products.

The attacker can thereby add themselves as the victim’s friend and obtain personal information such as email address, date of birth, check-ins, mobile phone number, home address, pictures, and any other details the victim has shared that would otherwise be visible only to the victim’s friends.

According to the security alert, NCC-CSIRT advises users to protect themselves from the Facebook-related vulnerability by disabling the feature in their device’s lock screen notification settings.
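The weakness described above is a notification action that can be executed from the lock screen. As an added illustration of the app-side defence (not Facebook’s code and not from the advisory), the hypothetical helper below posts a friend-request notification whose lock-screen version carries no sender details and no actions, and whose “Accept” action is marked as requiring authentication; `AcceptRequestActivity` is an assumed screen name.

```java
import android.app.Notification;
import android.app.NotificationChannel;
import android.app.NotificationManager;
import android.app.PendingIntent;
import android.content.Context;
import android.content.Intent;
import androidx.core.app.NotificationCompat;

// Hypothetical helper, not Facebook's code: a friend-request notification whose
// "Accept" action cannot be reached from the lock screen without unlocking.
public final class FriendRequestNotifier {
    private static final String CHANNEL_ID = "friend_requests"; // constructed channel id

    public static void notifyRequest(Context ctx, String senderName, int requestId) {
        NotificationManager nm = ctx.getSystemService(NotificationManager.class);
        nm.createNotificationChannel(new NotificationChannel(
                CHANNEL_ID, "Friend requests", NotificationManager.IMPORTANCE_DEFAULT));

        // AcceptRequestActivity is an assumed Activity that performs the accept only
        // after the user has passed the keyguard; the action never fires a background
        // receiver that could act while the device is locked.
        Intent accept = new Intent(ctx, AcceptRequestActivity.class)
                .putExtra("request_id", requestId);
        PendingIntent acceptPi = PendingIntent.getActivity(ctx, requestId, accept,
                PendingIntent.FLAG_IMMUTABLE | PendingIntent.FLAG_UPDATE_CURRENT);

        // Public version shown on a locked device: generic title, no sender, no actions.
        Notification publicVersion = new NotificationCompat.Builder(ctx, CHANNEL_ID)
                .setSmallIcon(android.R.drawable.ic_dialog_info)
                .setContentTitle("New friend request")
                .setVisibility(NotificationCompat.VISIBILITY_PUBLIC)
                .build();

        // The action itself is flagged as requiring authentication (honoured on API 31+).
        NotificationCompat.Action acceptAction =
                new NotificationCompat.Action.Builder(0, "Accept", acceptPi)
                        .setAuthenticationRequired(true)
                        .build();

        Notification full = new NotificationCompat.Builder(ctx, CHANNEL_ID)
                .setSmallIcon(android.R.drawable.ic_dialog_info)
                .setContentTitle("Friend request from " + senderName)
                .setVisibility(NotificationCompat.VISIBILITY_PRIVATE) // hide details when locked
                .setPublicVersion(publicVersion)
                .addAction(acceptAction)
                .build();
        nm.notify(requestId, full);
    }
}
```

On devices where the user has also disabled sensitive lock-screen notifications, as the advisory recommends, only the public version is ever rendered while the phone is locked.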

The NCC-CSIRT was established in October 2021 to provide guidance and direction to constituents in dealing with issues relating to the security of critical infrastructure in their possession, as well as to assess, review, and collate the threat landscape, risks, and opportunities affecting the communications sector on a regular basis in order to advise relevant stakeholders.

The NCC-CSIRT, as the telecoms-industry-specific intervention, ensures continuous improvement of processes and communication frameworks to ensure secure and collaborative exchange of timely information while responding to cyber threats within the sector, which aligns with the goal of the National Cybersecurity Policy and Strategy (NCPS) document published by the Office of the National Security Adviser (ONSA).

The Nigerian Cybersecurity Emergency Response Team (ngCERT), the national body responsible for implementing the NCPS objective, has recently issued a series of cyber-vulnerability awareness notices. The first two vulnerabilities published by the NCC-CSIRT are Juice Jacking and the Facebook for Android Friend Acceptance Vulnerability.
