19 matches found
Hackers Employ Updated Ducktail to Target Indian Marketers
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The threat actors linked to the Ducktail stealer malware have been implicated in a new campaign that focused on marketing professionals in India. The primary goal of this campaign was to compromise and...
Ducktail fashion week
Ducktail is a malware family that has been active since the second half of 2021 and aims to steal Facebook business accounts. WithSecure and GridinSoft have covered Ducktail attacks: the infostealer spread under the guise of documents relating to well-known companies and brands projects and...
Vietnamese DarkGate Malware Targets META Accounts in the UK, USA, India
By Deeba Ahmed The cybersecurity researchers at WithSecure have identified a connection between Vietnamese DuckTail infostealer and DarkGate malware. KEY FINDINGS… This is a post from HackRead.com Read the original post: Vietnamese DarkGate Malware Targets META Accounts in the UK, USA, India...
Vietnamese Hackers Target U.K., U.S., and India with DarkGate Malware
Attacks leveraging the DarkGate commodity malware targeting entities in the U.K., the U.S., and India have been linked to Vietnamese actors associated with the use of the infamous Ducktail stealer. "The overlap of tools and campaigns is very likely due to the effects of a cybercrime marketplace,"...
DuckTail Targets the Digital Marketers with Malicious Operations
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary DuckTail refers to an operation organized by several threat actors based in Vietnam. These threat actors not only employ common techniques but also share a common objective: to gain unauthorized access t...
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to distribute malware. "Threat actors have long used fraudulent ads as a vector to target victims with scams, malvertising, and more,"...
Managed XDR Investigation of Ducktail in Trend Vision One™
The Trend Micro Managed XDR team investigated several Ducktail-related web browser credential dumping incidents involving different customers...
Managed XDR Investigation of Ducktail in Trend Micro Vision One™
The Trend Micro Managed XDR team investigated several Ducktail-related web browser credential dumping incidents involving different customers...
Meta Takes Down Malware Campaign That Used ChatGPT as a Lure to Steal Accounts
Meta said it took steps to take down more than 1,000 malicious URLs from being shared across its services that were found to leverage OpenAI's ChatGPT as a lure to propagate about 10 malware families since March 2023. The development comes against the backdrop of fake ChatGPT web browser extensio...
Meta Takes Down Malware Campaign That Used ChatGPT as a Lure to Steal Accounts
Meta said it took steps to take down more than 1,000 malicious URLs from being shared across its services that were found to leverage OpenAI's ChatGPT as a lure to propagate about 10 malware families since March 2023. The development comes against the backdrop of fake ChatGPT web browser extensio...
New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords
A new information-stealing malware has set its sights on Apple's macOS operating system to siphon sensitive information from compromised devices. Dubbed MacStealer, it's the latest example of a threat that uses Telegram as a command-and-control C2 platform to exfiltrate data. It primarily affects...
SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms
Cybersecurity researchers have discovered a new information stealer dubbed SYS01stealer targeting critical government infrastructure employees, manufacturing companies, and other sectors since November 2022. "The threat actors behind the campaign are targeting Facebook business accounts by using...
Ducktail Malware Operation Evolves with New Malicious Capabilities
The operators of the Ducktail information stealer have demonstrated a "relentless willingness to persist" and continued to update their malware as part of an ongoing financially driven campaign. "The malware is designed to steal browser cookies and take advantage of authenticated Facebook session...
A week in security (October 17 - 23)
Last week on Malwarebytes Labs: Thermal cameras could help reveal your password How to spot a scam Warning: "FaceStealer" iOS and Android apps steal your Facebook login Criminal group busted after stealing hundreds of keyless cars Fake tractor fraudsters plague online transactions DeadBolt...
New PHP-based Ducktail infostealer is now after crypto wallets
A phishing campaign known to specifically target employees with access to their company's Facebook Business and Ads accounts has significantly widened its net and begun using a first-of-its-kind information-stealing malware to go after crypto wallets. The Ducktail Woo-ooh! campaign was first made...
New PHP Version of Ducktail Malware Hijacking Facebook Business Accounts
A PHP version of an information-stealing malware called Ducktail has been discovered in the wild being distributed in the form of cracked installers for legitimate apps and games, according to the latest findings from Zscaler. "Like older versions .NetCore, the latest version PHP also aims to...
New Ducktail Infostealer Malware Targeting Facebook Business and Ad Accounts
Facebook business and advertising accounts are at the receiving end of an ongoing campaign dubbed Ducktail designed to seize control as part of a financially driven cybercriminal operation. "The threat actor targets individuals and employees that may have access to a Facebook Business account wit...
Ducktail Malware Exploits LinkedIn to Hack Facebook Business Accounts
By Waqas Ducktail malware targets users and organizations on Facebook Business and Ads platform in this financially motivated malicious new… This is a post from HackRead.com Read the original post: Ducktail Malware Exploits LinkedIn to Hack Facebook Business Accounts...
Novel Malware Hijacks Facebook Business Accounts
A new malware is hijacking high-profile Meta Facebook Business and advertising platform accounts through a phishing campaign that targets LinkedIn accounts. The malware, dubbed Ducktail, uses browser cookies from authenticated user sessions to take over accounts and steal data, researchers said...