The National Information Technology Development Agency (NITDA) has raised a major cybersecurity alert, warning Nigerians about newly identified vulnerabilities in ChatGPT that could expose users to data breaches, manipulation, and long-term security risks due to ChatGPT vulnerabilities in Nigeria.
The advisory, released through NITDA’s Computer Emergency Readiness and Response Team (CERRT.NG), comes amid increasing dependence on AI tools for business, academic, and government tasks across the country. This dependency highlights the growing concern over ChatGPT and its vulnerabilities within Nigeria.
Seven Critical Flaws Found in GPT-4o and GPT-5 Model
According to NITDA, cybersecurity researchers discovered seven serious vulnerabilities affecting OpenAI’s GPT-4o and GPT-5 models. These weaknesses make it possible for attackers to exploit ChatGPT through indirect prompt injection, using hidden instructions embedded in webpages, comments, or URLs. In Nigeria, vulnerabilities in ChatGPT add extra concern.
NITDA explained that ChatGPT may unknowingly execute these malicious instructions during routine browsing, searching, or summarization, including specific impacts from vulnerabilities within Nigeria.
“By embedding hidden instructions in webpages, comments, or crafted URLs, attackers can cause ChatGPT to execute unintended commands simply through normal browsing, summarization, or search actions,” the agency stated.
Some vulnerabilities identified include:
- Bypassing of safety filters by disguising harmful content behind trusted domains
- Markdown rendering bugs that allow hidden malicious prompts
- Memory poisoning attacks that force ChatGPT to retain and reuse harmful instructions
Although OpenAI has patched parts of the flaws, NITDA noted that the models still struggle to reliably separate real user intent from embedded malicious data, particularly with vulnerabilities affecting Nigeria.
Potential Risks for Nigerians
NITDA warned that these vulnerabilities could lead to significant cybersecurity threats such as:
- Unauthorized actions performed by the AI
- Exposure of sensitive user information
- Manipulated, misleading, or incorrect responses
- Long-term behavioral changes from poisoned memory
The agency added that users could trigger these attacks without clicking anything, especially when ChatGPT processes unsafe webpages or search results. This forms part of the concerns regarding vulnerabilities in ChatGPT present in Nigeria.
NITDA’s Recommended Safety Measures
To reduce exposure to cyber threats from ChatGPT vulnerabilities in Nigeria, NITDA advised Nigerians, businesses, and government agencies to:
- Limit or completely disable browsing and summarization of untrusted websites
- Activate browsing and memory features only when required
- Regularly update GPT-4o and GPT-5 deployments to patch known vulnerabilities
Earlier Case: eSIM Vulnerability Exposed Over 2 billion Devices
This new advisory follows NITDA’s earlier warning on a global eSIM vulnerability traced to the GSMA TS 48 Generic Test Profile used in billions of smartphones, wearables, and IoT devices. It’s crucial for Nigerians considering the specifics of vulnerabilities tied to ChatGPT in Nigeria.
At the time, the agency cautioned that attackers could potentially:
- Install malicious applets
- Extract cryptographic keys
- Clone eSIM profiles
- Intercept communications or control devices remotely
