NITDA warns of ‘CovertCatch’ malware in LinkedIn job scams

The National Information Technology Development Agency (NITDA) has issued a public warning about recently discovered malware called “CovertCatch”.

The agency warned that the malware, distributed by cyber threat actors via LinkedIn, poses significant risks to individuals and organizations in a variety of sectors, including defense, media, technology and academia.

In a statement issued in Abuja on Tuesday, the Director, Media and Corporate Communications, NITDA, Mrs. Hadiza Umar, highlighted the deceptive tactics used by the attackers, saying: “By posing as recruiters or job providers, these cyber threat actors trick users into downloading malicious files or clicking malicious links.”

She warned that CovertCatch was designed to infiltrate networks by using LinkedIn to trick users into believing they were engaging with legitimate job offers.

Ms. Umar elaborated on the dangerous capabilities of the malware, explaining: “CovertCatch can steal data, record keystrokes and capture screen activity without being detected.” She added that the malware, once installed, can lead to devastating consequences, including financial loss, reputational damage and serious data breaches for affected parties.

Risks for key industries

According to NITDA, CovertCatch is of particular concern due to its ability to exploit vulnerabilities in critical sectors. Ms. Umar noted: “The spread of CovertCatch malware via LinkedIn poses a serious threat to organizations and individuals.”

  • Once introduced into a network or device, the malware can intercept sensitive information, setting the stage for potential downstream attacks such as ransomware.
  • Additionally, the presence of the malware on sensitive industry systems could compromise critical infrastructure and essential services, with implications for sectors that rely heavily on data security.

Ms. Umar emphasized that CovertCatch increases the “risk of further attacks such as ransomware and system-wide compromise,” which could have far-reaching consequences for these industries.

Recommended Security Measures

The NITDA guidelines included a number of recommendations to help organizations and individuals avoid becoming victims of CovertCatch malware.

  • Ms. Umar urged LinkedIn users to be vigilant about unsolicited job offers or recruitment messages, especially those that prompt them to download files or follow external links. “Organizations and individuals should be wary of unsolicited job offers or job postings on LinkedIn, especially those that require file uploads or links to external sources,” she advised.
  • To mitigate potential risks, NITDA advised organizations to actively monitor for any unusual login attempts and implement security techniques such as multi-factor authentication (MFA) for all accounts. Ms. Umar emphasized the importance of regular security maintenance, recommending: “Keep your antivirus software up to date and scan it regularly to quickly detect anomalies.”

In addition, the agency suggested that companies conduct periodic reviews of LinkedIn connections and enforce role-based restrictions on access to sensitive information. Ms. Umar noted: “Organizations should periodically review LinkedIn connections and limit access to sensitive information based on role and need,” which she emphasized as a measure to prevent unauthorized access.

