Cybercriminals mask ‘CovertCatch’ malware through fake LinkedIn Jobs

The National Information Technology Development Agency (NITDA) has raised concerns about a recent cyberattack campaign involving a new malware strain called “CovertCatch.”

Cybercriminals are exploiting LinkedIn to spread the malware through fake job offers targeting key industries, including defense, media, technology, and academia, according to the IT agency.

“The spread of CovertCatch malware via Linkedin,” according to NITDA, “poses major risks to organisations and individuals. Once installed on the victim’s network or device, it can steal confidential information, leading to financial loss, reputational damage, and data breaches. It also increases the risk of further attacks like ransomware and system-wide compromise, threatening key industries and essential services.”

How severe is ‘CovertCatch’ malware?

NITDA warns that the presence of CovertCatch on a network or device could lead to severe repercussions, including financial losses, data breaches, and reputational harm. The malware’s ability to infiltrate systems unnoticed also increases the likelihood of further cyberattacks, such as ransomware, impacting vital services and sectors.

Preventive Recommendations
To counteract the threat posed by CovertCatch, NITDA urges internet users to be cautious with unsolicited LinkedIn job offers, particularly those requiring file downloads or containing external links.

Some of the agency’s key recommendations include:

Scrutinize job offer: Avoid engaging with unsolicited recruitment messages that ask for downloads or lead to external sources.

Enhance account security: Use multi-factor authentication (MFA) for accounts and monitor for unusual login activity.

Update security software: Keep antivirus programs current and conduct regular scans to catch potential threats.

Restrict sensitive access: Organisations should audit LinkedIn connections periodically and limit access to confidential data based on roles.