NTISB Warns Against Malicious Browser Extensions and VPNs

The National Telecom and Information Technology Security Board (NTISB) has recently issued a cybersecurity advisory urging Pakistani internet users to exercise caution when using certain browser extensions and VPNs. This warning stems from the rising number of cyberattacks targeting personal data through these tools.

Growing Threats from Browser Extensions

The advisory specifically identifies 16 browser extensions, including AI Assistant – ChatGPT, Gemini for Chrome, Bard AI Chat Extension, VPNCity, and Internxt VPN, as potentially compromised. These extensions, often designed to enhance browser functionality, have been exploited by hackers to inject malicious code, thereby risking users’ Personal Identification Information (PII). The NTISB highlights the vulnerabilities in these extensions, which range from widely-used AI tools to VPN services.

According to recent reports, a large-scale cyberattack exposed over 2.6 million users to data breaches through the manipulation of these extensions. The NTISB has advised users to avoid these specific extensions and opt for more secure alternatives. They further recommend installing only trusted extensions from reputable sources, regularly updating them, and removing any that are unnecessary.

Risks with Free VPN Services

Among the insecure extensions are VPNCity and Internxt VPN, which serve as Virtual Private Networks (VPNs). VPNs have gained popularity in Pakistan as a means to bypass internet restrictions. However, the NTISB and cybersecurity experts warn that many free VPN services pose significant security threats. Research indicates that a large percentage of free VPNs leak sensitive data, such as IP addresses and DNS information.

Free VPNs are often bundled with aggressive ads or malware and may collect users’ data for third-party sales. Users should conduct thorough research and consult multiple reviews before selecting the best VPN service for them, prioritizing those that charge subscription fees to cover operational costs.

The NTISB’s advisory encourages users to remain vigilant, reviewing the permissions and ratings of browser extensions before installation. Users are also urged to keep their antivirus software up to date and monitor their systems for any unusual activity.

As cybersecurity threats continue to evolve, how do you ensure the safety of your online data? Are you cautious about the extensions and VPNs you use? Share your thoughts in the comments below!