A phishing campaign is spreading brand new malware targeting Facebook users

Ducktail, a known phishing campaign that hijacks Facebook accounts running advertising campaigns for businesses, is now distributing a brand new infostealer malware.

According to researchers at according to Zscaler (opens in new tab), Ducktail previously used LinkedIn to distribute a piece of malware written in .NET Core that would steal Facebook Business account data stored in a web browser and exfiltrate it into a private Telegram channel which acted as the malware’s command & control server (C2), communicating with target systems to coordinate cyberattacks.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *