Security News > 2022 > July > New Ducktail Infostealer Malware Targeting Facebook Business and Ad Accounts

New Ducktail Infostealer Malware Targeting Facebook Business and Ad Accounts
2022-07-28 10:56

Facebook business and advertising accounts are at the receiving end of an ongoing campaign dubbed Ducktail designed to seize control as part of a financially driven cybercriminal operation.

"The malware is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the victim's Facebook account and ultimately hijack any Facebook Business account that the victim has sufficient access to."

The idea is to target employees with high-level access to Facebook Business accounts associated with their organizations, tricking them into downloading supposed Facebook advertising information hosted on Dropbox, Apple iCloud, and MediaFire.

It works by scanning for installed browsers such as Google Chrome, Microsoft Edge, Brave Browser, and Mozilla Firefox to extract all the stored cookies and access tokens, alongside stealing information from the victim's personal Facebook account such as name, email address, date of birth, and user ID. Also plundered are data from businesses and ad accounts connected to the victim's personal account, allowing the adversary to hijack the accounts by adding an actor-controlled email address retrieved from the Telegram channel and grant themselves Admin and Finance editor access.

While users with Admin roles have full control over the Facebook Business account, users with Finance editor permissions can edit business credit card information and financial details like transactions, invoices, account spend, and payment methods.

Facebook Business administrators are advised to review their access permissions and remove any unknown users to secure the accounts.


News URL

https://thehackernews.com/2022/07/new-ducktail-infostealer-malware.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Facebook 29 0 11 46 54 111