In a recent cybersecurity alert, the National Information Technology Development Agency (NITDA) has warned Google Chrome users to immediately update their browsers following the discovery of a major security vulnerability.
This flaw, identified as CVE-2024-7971, is currently being exploited by attackers, and users who fail to update their browsers are at risk of having their systems compromised.
The security flaw was detected in Chrome’s V8 JavaScript engine, a core component of the browser responsible for processing JavaScript files.
This flaw, classified as a “type confusion” vulnerability, allows cybercriminals to exploit memory corruption caused by misinterpreted data types, potentially leading to harmful programs being executed on affected systems.
If left unchecked, it could enable attackers to take full control of a user’s device.
According to the NITDA, the vulnerability can be triggered simply by visiting a malicious website.
The organisation’s Computer Emergency Readiness and Response Team (CERRT) has also warned that this flaw is under active exploitation by hackers, emphasizing the urgent need for users to install the latest updates.
The term “zero-day exploit” refers to a cyberattack that takes advantage of a previously unknown security vulnerability.
The attack occurs before developers have had the chance to fix the flaw, meaning there are “zero days” of warning to prevent the attack.
Such vulnerabilities are especially dangerous because hackers can exploit them before software developers issue a security patch.
In this case, Google Chrome’s zero-day exploit means that hackers have already found and are actively using the CVE-2024-7971 flaw to target users.
Although the number of users affected by this vulnerability has not been disclosed, it is known that some have been “targeted and compromised.”
Microsoft has reportedly notified those affected by the attack.
While the primary focus of the alert is on Google Chrome, users of Chromium-based browsers such as Brave, Microsoft Edge, Opera, and Vivaldi are also at risk.
These browsers share the same underlying code as Chrome, making them susceptible to the same security flaws.
NITDA and other cybersecurity agencies have strongly advised users of these browsers to check for and apply the necessary updates immediately.
Cyberattacks have become increasingly common, targeting individuals, corporations, and even governments.
These attacks can lead to serious consequences, including the theft of sensitive information, financial losses, and system crashes.
In April 2024, Nigeria witnessed one of its most significant cyberattacks when local fintech giant Flutterwave was hit by hackers.
In the breach, the attackers illegally transferred ₦11 billion (approximately $7.2 million) to several accounts in small amounts designed to evade fraud detection systems.
This incident highlighted the growing danger posed by cybercriminals and the need for stronger cybersecurity measures across the country.