Security News > 2022 > July > Infostealer malware targets Facebook business accounts to capture sensitive data
Infostealer malware targets Facebook business accounts to capture sensitive data.
A new attack analyzed by cybersecurity provider WithSecure Intelligence targets Facebook business users with the intent of stealing their sensitive data and taking over their accounts.
In the malicious campaign dubbed Ducktail, cybercriminals look for companies that use Facebook's Business/Ads platform and then target people within the company who may have high-level access to the business accounts.
For personal Facebook accounts, the malware aims to grab the user's name, email address, birthdate and user ID. For business accounts, it seeks out the name, verification status, ad account limit, owner, role and names of clients.
"Historically we've seen similar attacks on social media accounts such as the Twitter hack in July 2020but the directed approach of targeting Facebook business accounts is a new and interesting angle. Contrasting with prior social media hijacking that makes itself obvious very quickly by posting links to scams or malware, this campaign is stealthier, looking to modify ad spends or introduce ad fraud."
Also See Share: Infostealer malware targets Facebook business accounts to capture sensitive data.