NITDA Warns of New “CovertCatch” Malware Threat Targeting LinkedIn Users

NITDA Warns of New “CovertCatch” Malware Threat Targeting LinkedIn Users

The National Information Technology Development Agency (NITDA) has issued a public advisory about a new malware threat named “CovertCatch,” which has been discovered spreading through LinkedIn.

The agency cautioned that this malware poses serious risks to individuals and organizations across key sectors, including defense, media, technology, and academia.

In a statement released recently, NITDA’s Director of Media and Corporate Communications, Mrs. Hadiza Umar, outlined the deceptive techniques employed by cybercriminals to lure LinkedIn users.

“By posing as recruiters or job opportunity providers, these cyber threat actors trick users into downloading malicious files or clicking harmful links,” she warned.

CovertCatch exploits LinkedIn as a means of convincing users they are engaging with legitimate job offers. Once installed, it covertly steals data, records keystrokes, and captures screen activity, leaving users and organizations vulnerable to financial losses, reputational harm, and severe data breaches.

Mrs. Umar noted that the malware is particularly alarming due to its ability to infiltrate networks and gather confidential information, creating opportunities for potential follow-up attacks, such as ransomware.

“The spread of CovertCatch malware via LinkedIn poses major risks to organizations and individuals,” she said.

The implications are especially concerning for sectors that depend heavily on data security, as an infection could compromise critical infrastructure and essential services.

In response, NITDA released several recommendations to help prevent infection.

LinkedIn users were advised to be cautious of unsolicited job offers or recruitment messages, especially those involving file downloads or external links.

“Organisations and individuals should be cautious of unsolicited job offers or recruitment messages on LinkedIn, particularly those that request file downloads or linking to external sources,” Umar advised.

NITDA also encouraged organizations to monitor unusual login attempts, adopt Multi-Factor Authentication (MFA) for all accounts, and ensure antivirus software is regularly updated.

“Keep antivirus software up-to-date and scan regularly to detect anomalies promptly,” she advised.

Additionally, NITDA recommended periodic audits of LinkedIn connections and enforcing role-based access controls on sensitive information.

Mrs. Umar stressed, “Organisations should periodically audit LinkedIn connections and restrict access to sensitive information based on role and necessity,” as a proactive measure to prevent unauthorized access.

With CovertCatch’s capabilities posing significant threats, NITDA’s advisory underscores the importance of vigilance and strong cybersecurity practices to protect against this emerging malware.