New Malware Stealing Data Through Facebook
New Malware Stealing Data Through Facebook
Your personal information may be being stolen by a phishing campaign with as harmless a name as ‘Ducktail.’
Ducktail hijacks Facebook accounts that run advertising campaigns for businesses. It does this by distributing malicious software or malware.
Zscaler, a California-based cloud computing company Ducktail was earlier using Telegram to steal Facebook Business Account Data through LinkedIn.
The new malware being distributed by Ducktail doesn’t only steal Facebook-adjacent data (that is, data linked to your Facebook account) but other sensitive data, including basic system information, account information, and information related to cryptocurrency wallets.
The way Ducktail operates has changed as well. Rather than using a Telegram Channel as its C2 (command & control server), it sends the data to a JSON (JavaScript Object Notation) website.
According to ZsCaler, the malware is shared through a legitimate file hosting service and doesn’t show up on your antivirus radar because it only downloads itself directly into your computer’s memory.
Users have been informed that the best way to save themselves from Ducktail’s data-stealing malware is to browse anonymously (using an incognito tab) or, better yet, make sure that no sensitive information is shared in their browsers.
What’s worrying is that if your endpoint security (your antivirus) is compromised by a Facebook Business Account (which is what Ducktails’ malware does), then your sensitive financial data, including PayPal data, may be compromised.
While endpoint virus security that comes with web protection is no match for the malware, it can still help protect you from it by keeping you away from the sites where it hides.
Kindly read another articles :
Uber Claims No Sensitive Data Exposed in Latest Breach… But There’s More to This
Foreign nationals arrested for cheating women on Instagram
About Author
