Skip to Content

Ducktail infostealer

Updated on 2022-11-23

WithSecure researchers observed the Vietnam-based Ducktail info-stealer targeting organizations operating on Facebook’s Business/Ads platform to hijack their accounts. Read more: Ducktail hackers now use WhatsApp to phish for Facebook Ad accounts

Updated on 2022-11-22

WithSecure says the DUCKTAIL malware operation has returned with new attacks after the company exposed its operations earlier this summer in July. The malware, believed to be operated from Vietnam, is known for targeting the Facebook profiles of people from the digital marketing and advertisement space with the primary goal of hijacking their Ads and Business accounts. See WithSecure’s technical report here/PDF. Read more:

Updated on 2022-10-14

Zscaler said it detected a campaign using cracked versions of popular games and software applications to distribute the Ducktail infostealer. Read more: New PHP Variant of Ducktail Infostealer Targeting Facebook Business Accounts

“Ducktail has been around since 2021, and is attributed to a Vietnamese threat group. Campaigns to-date have focused on taking over Facebook Business accounts, both to manipulate pages and to access financial information.”

Overview

Zscaler ThreatLabz stumbled upon a new campaign that uses a PHP version of the Ducktail infostealer masquerading as a free app for games, MS Office, Telegram, and others. Read more: New PHP Variant of Ducktail Infostealer Targeting Facebook Business Accounts

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.