The National Information Technology Development Agency (NITDA) has issued a public warning regarding a recently discovered malware called “CovertCatch”.

The agency alerted the public that malware, spread by cyberthreat actors through LinkedIn, poses significant risks to individuals and organizations in various sectors, including defense, media, technology and security. academic world.

In a statement issued on Tuesday in Abuja, the Director of Media and Corporate Communications, NITDA, Mrs. Hadiza Umar, highlighted the deceptive tactics used by the attackers, saying: “By posing as recruiters or job opportunity providers, these cybercriminals trick users into downloading malicious files or clicking on harmful links. »

She warned that CovertCatch was designed to infiltrate networks using LinkedIn as a means to trick users into believing they were interacting with legitimate job postings.

Ms. Umar explained the dangerous capabilities of the malware, explaining: “CovertCatch can steal data, record keystrokes, and capture screen activity without being detected.” She added that the malware, once installed, can have devastating consequences, including financial losses, reputational damage and serious data breaches for affected parties.

Risks for key industries

According to NITDA, CovertCatch is of particular concern due to its ability to exploit vulnerabilities in critical industries. Ms. Umar emphasized that “The spread of CovertCatch malware via LinkedIn poses major risks to organizations and individuals. »

• Once embedded in a network or device, malware can capture confidential information, paving the way for possible subsequent attacks, such as ransomware.
• Additionally, the presence of malware in sensitive industrial systems could compromise critical infrastructure and essential services, with implications for industries that rely heavily on data security.

Ms Umar highlighted that CovertCatch is increasing “the risk of new attacks like ransomware and system-wide compromise,” which could have considerable consequences for these industries.

Recommended Security Practices

The NITDA advisory included a series of recommendations aimed at helping organizations and individuals avoid falling victim to CovertCatch malware.

• Ms Umar urged LinkedIn users to be vigilant of unsolicited job postings or recruitment messages, especially those encouraging file downloads or external links. “Organizations and individuals should be wary of unsolicited job postings or recruiting messages on LinkedIn, especially those that request file downloads or links to external sources. » » she advised.
• To mitigate potential risks, NITDA advised organizations to actively monitor any unusual login attempts and adopt security practices such as multi-factor authentication (MFA) for all accounts. Ms. Umar stressed the importance of maintaining security regularly, recommending: “Keep antivirus software up to date and scan it regularly to quickly detect anomalies. »

Additionally, the agency suggested companies conduct periodic audits of LinkedIn logins and apply role-based access restrictions to sensitive information. Ms Umar noted: “Organizations should periodically audit LinkedIn connections and restrict access to sensitive information based on role and necessity. » which she highlighted as a proactive measure to prevent unauthorized access.

---

Follow us for the latest news and market insights.