•Commission renews commitment to industry collaboration, inclusiveness
The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has warned those looking to acquire pirated software and resources that they risk becoming victims of cybercriminal gangs that are using AI-generated YouTube videos to distribute malware.
NCC-CSIRT further warned in its advisory that the consequences of falling victim can be significant for individuals and organisations, resulting in critical damage like data theft, financial loss, identity theft, system damage, and reputation damage.
It said unsuspecting victims, who watch these AI-generated tutorial videos will be duped into clicking on one of the links in the video description, which usually results in the download of data-stealing malware. NCC said the number of YouTube videos containing such links has increased by 200 per cent to 300 per cent month-on-month since November 2022.
According to the advisory, “To stimulate the interest of potential victims, video tutorials on how to pirate sought-after software such as AutoCAD, Adobe Photoshop, Adobe Premiere Pro, and other similar paid-for software are created. These videos are created with AI and feature humans with facial features that research has shown other humans find trustworthy.
“The tutorials in these videos are frequently bogus and steer viewers to links in the description that led to information-stealing malware like Raccoon, Vidar, and RedLine,” the advisory revealed.
The statement noted that malicious actors can create AI-generated videos that include hidden or disguised malware. These videos may appear to be harmless or even entertaining, but they can contain malicious code that can infect a viewer’s device when the video is downloaded or played.
“Cybercriminal actors can also use AI-generated videos to trick viewers into downloading malware. For example, they can create a video that appears to be a legitimate software update or security patch, but it contains malware that infects the viewer’s device.
“They equally use AI-generated videos to distribute phishing scams. They can create a video that appears to be from a legitimate company or organisation and prompts viewers to click on a link to enter their login credentials or personal information. Once the viewer clicks on the link, they are directed to a fake website that steals their information.”
MEANWHILE, NCC said it would continue to consult stakeholders on issues affecting telecommunication services deployments and developments, in line with its culture of inclusiveness, collaboration and partnership as predicated in its strategic focus.
The Executive Vice Chairman of the Commission (EVC), Prof Garba Danbatta, represented by Reuben Muoka, Commission’s Director of Public Affairs, gave the assurance while receiving a delegation of Food Basket Foundation International (FBFI), led by its Chief Executive Officer, Funmi Akinyele, during a courtesy visit to NCC in Abuja, affirming that the commission is committed to strengthening its regulation of the telecommunication sector, particularly providing the solid infrastructure and general industry regulations.
While commending the commission’s regulatory excellence, highlighting its effort in ensuring there are regulations, frameworks and guidelines to guard the telecoms sector and online civic space, Akinyele expressed concerns about the state of the social media with uncontrolled content. She said the visit to the regulator was to explore areas of collaboration in its programme to protect the digital civic space by combating misinformation and disinformation while mitigating risks to the digital civic space to ensure electoral integrity before, during and after the 2023 General Elections.
This initiative, she explained, comes under one of FBFI’s projects, dubbed, Safeguarding Digital Civic Space for Electoral Integrity (SDSEI). Speaking further, Muoka informed the team that the Commission is not responsible for the content of the social media as there are other government agencies that are responsible for that.
However, he said the commission has engaged in several aspects of protection of the users of the Internet, such as initiatives towards Child Online Protection, COP, deployment of the Computer Security Incident Response Team (NCC-CSIRT), set up to monitor cyber-attacks in the Nigerian cyberspace, in addition to the activities of the Commission’s department of New Media and Information Security set up to address issued of cybersecurity.