LinkedIn phishing scams fuel spread of CovertCatch malware across key industries
October 30, 2024
Joy Agwunobi
The National Information Technology Development Agency (NITDA) has recently issued an alert concerning a new malware threat known as “CovertCatch.” This sophisticated malware targets both individuals and organisations by leveraging LinkedIn as a distribution channel, a tactic that exposes unsuspecting users across sectors such as defence, media, technology, and academia to potential data breaches, financial losses, and reputational harm.
According to NITDA, CovertCatch is particularly concerning due to its ability to infiltrate systems undetected, collect sensitive information, and enable subsequent attacks, like ransomware, once embedded in a network.
“CovertCatch poses significant dangers as it remains undetected while recording keystrokes, capturing screen activity, and stealing data,” NITDA noted in its advisory. The agency described the tactics used by cyber attackers, explaining that threat actors often masquerade as recruiters or job opportunity providers on LinkedIn, luring users into clicking on malicious links or downloading infected files. “By posing as trusted sources on professional networks, cybercriminals increase their chances of infiltrating networks and causing harm,” NITDA noted.
The agency went on to emphasise the serious consequences for sectors that rely heavily on data security, explaining that CovertCatch could compromise critical infrastructure if it gains access to sensitive industry networks. “The spread of CovertCatch malware via LinkedIn poses major risks to organisations and individuals alike,” NITDA warned, highlighting that its presence within sensitive systems could lead to operational disruptions, data breaches, and even follow-up attacks targeting critical national infrastructure.
NITDA urged LinkedIn users to exercise caution when approached with unsolicited job offers or recruitment messages, particularly those that prompt file downloads or lead to external links. “Organisations and individuals should be wary of unsolicited recruitment messages on LinkedIn, especially when prompted to download files or visit external sources,” the advisory stated.
According to the agency, simple vigilance and scrutiny of LinkedIn messages can make a significant difference in reducing exposure to such threats. “CovertCatch capitalises on trust—trust that LinkedIn users place in potential job providers, but unfortunately, that trust can lead to a compromised network,” NITDA added.
In terms of protection strategies, NITDA advised organisations to reinforce security protocols by implementing Multi-Factor Authentication (MFA), which can reduce the likelihood of unauthorised access even if user credentials are compromised. “Incorporating MFA is essential; it offers a strong layer of protection that makes it significantly harder for threat actors to gain unauthorised entry,” NITDA emphasised. The advisory further recommended regular security maintenance, including keeping antivirus software updated and scanning systems frequently for anomalies. “Routine antivirus updates and regular system scans are crucial steps in early threat detection,” NITDA noted.
Additionally, NITDA advised organisations to conduct periodic audits of LinkedIn connections to ensure that no unauthorised parties have gained access to network resources. The agency also urged organisations to enforce role-based access restrictions on sensitive information. “Organisations should periodically audit LinkedIn connections and restrict access to critical information based on role and necessity. Limiting data access to only those who need it can lower the risk of unauthorised access,” the agency stated, stressing the importance of safeguarding data at every level.