NITDA warns of new malware spread through LinkedIn job scams

·
October 30, 2024
·
2 min read
LinkedIn
  • Nigeria’s National Information Technology Development Agency (NITDA) has warned that cyber attackers are using LinkedIn to spread a new malware variant called ‘CovertCatch.’
  • Individuals and organisations in sectors such as defence, media, tech, and academia are being targeted, with attackers distributing malware through fake job offers.
  • These cybercriminals impersonate recruiters or job providers, tricking users into downloading malicious files or clicking harmful links.

Victims may be unaware they are at risk, as the malware often goes undetected. Once installed, it can steal confidential information, potentially leading to financial loss, data breaches, and reputational damage.

“CovertCatch can steal data, record keystrokes, and capture screen activity without being detected,” per NITDA.

Additionally, the malware increases the risk of further attacks, such as ransomware and system-wide compromise, posing a serious threat to industries and services.

In its alert, NITDA advised organisations and individuals to beware of unsolicited job offers or recruitment messages on LinkedIn, especially those requesting file downloads or linking to external sites.

Advertisement

Users should regularly monitor accounts for unusual login activity and enhance security by enabling multi-factor authentication, NITDA mentioned. Updating antivirus software and running frequent scans are also recommended to detect threats promptly.

NITDA also urged organisations to audit their LinkedIn connections periodically and restrict access to sensitive information according to roles and necessity.

This LinkedIn job scam warning is one of several recent cyber threat alerts issued by the agency. It had previously warned WordPress users in Nigeria about a vulnerability CVE-2024-28000, which affected over five million websites worldwide. Attackers could use the LiteSpeed Cache plugin, which is used to optimise websites, to gain complete control.

READ MORE   How the pandemic will disrupt banking and fintechs in Nigeria

In September 2024, the agency warned about a Google Chrome zero-day exploit, CVE-2024-7971, which attackers used to target Internet users.

In its cybersecurity efforts, NITDA announced it will collaborate with the Chartered Institute of Forensics and Certified Fraud Investigator of Nigeria (CIFCFIN) to launch a cybersecurity lab in 2024. This partnership aims to promote digital forensics, strengthen the tech ecosystem, and combat cybercrime.

Co-founder issues?
Whether you're just starting out or already dealing with co-founder challenges, this guide will help you avoid mistakes, solve conflicts, and build a strong partnership
E and C Form

Written by Omoruyi Edoigiawerie, a seasoned startup attorney with over a decade of experience. Learn more.

In other news, the South African Artificial Intelligence Association (SAAIA) filed a complaint with South Africa’s Information Regulator against LinkedIn, alleging unauthorised data usage. SAAIA claims LinkedIn’s practices could breach local data protection laws, including the Protection of Personal Information Act (POPIA).

Subscribe To Techpoint Digest
Join thousands of subscribers to receive our fun week-daily 5-minute roundup of happenings in African and global tech, directly in your inbox, hours before everyone else.
This is A daily 5-minute roundup of happenings in African and global tech, sent directly to your email inbox, between 5 a.m. and 7 a.m (WAT) every week day! 
Digest Subscription

Give it a try, you can unsubscribe anytime. Privacy Policy.

Other Stories
43b, Emina Cres, Allen, Ikeja.

 Techpremier Media Limited. All rights reserved
magnifier