Security News

New Ducktail Infostealer Malware Targeting Facebook Business and Ad Accounts
2022-07-28 10:56

Facebook business and advertising accounts are at the receiving end of an ongoing campaign dubbed Ducktail designed to seize control as part of a financially driven cybercriminal operation. "The malware is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the victim's Facebook account and ultimately hijack any Facebook Business account that the victim has sufficient access to."

Infostealer malware targets Facebook business accounts to capture sensitive data
2022-07-27 14:05

Infostealer malware targets Facebook business accounts to capture sensitive data. A new attack analyzed by cybersecurity provider WithSecure Intelligence targets Facebook business users with the intent of stealing their sensitive data and taking over their accounts.

Vietnamese attacker circumvents Facebook security with ‘DUCKTAIL’ malware
2022-07-27 05:03

Security vendor WithSecure, which was spun out in March 2022 as F-Secure's enterprise security arm, claims it's found malware that targets Facebook Business accounts. "The malware is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the victim's Facebook account and ultimately hijack any Facebook Business account that the victim has sufficient access to."

Novel Malware Hijacks Facebook Business Accounts
2022-07-26 18:15

A new malware is hijacking high-profile Meta Facebook Business and advertising platform accounts through a phishing campaign that targets LinkedIn accounts. "The malware is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the victim's Facebook account and ultimately hijack any Facebook Business account that the victim has sufficient access to," researchers wrote in a blog post accompanying the report.

Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands
2022-07-26 13:05

The bloom is back on phishing attacks with criminals doubling down on fake messages abusing popular brands compared to the year prior. Microsoft, Facebook and French bank Crédit Agricole are the top abused brands in attacks, according to study on phishing released Tuesday.

Targeted campaign uses infostealer to hijack Facebook Business accounts
2022-07-26 12:30

WithSecure researchers have discovered an ongoing operation, dubbed "DUCKTAIL", that targets individuals and organizations operating on Facebook's Ads and Business platform. DUCKTAIL's operations utilize an infostealer malware component that includes functionality specifically designed to hijack Facebook Business accounts.

LinkedIn phishing target employees managing Facebook Ad Accounts
2022-07-26 10:00

A new phishing campaign codenamed 'Ducktail' is underway, targeting professionals on LinkedIn to take over Facebook business accounts that manage advertising for the company. The threat actor reaches out to employees on LinkedIn who could have Facebook business account access, for example, people listed as working in "Digital media" and "Digital marketing" as their roles.

Amazon sues 10,000 Facebook Group admins for offering fake reviews
2022-07-20 06:33

Amazon is suing over 10,000 administrators of Facebook groups that offer to post fake reviews on the online souk's website in exchange for products and money. Group admins charged $10 per fake review, according to CNBC. Reviewers were also lured with promises of free products in return for sham assessments of items such as car stereos or camera tripods.

Facebook Is Now Encrypting Links to Prevent URL Stripping
2022-07-18 14:49

Including Facebook, add parameters to the web address for tracking purposes. Mozilla introduced support for URL stripping in Firefox 102, which it launched in June 2022.

Facebook 2FA scammers return – this time in just 21 minutes
2022-07-13 18:46

Like last time, they created an HTML email with a clickable link that itself looked like a URL, even though the actual URL it linked to was not the one that appeared in the text. This time the link you saw if you hovered over the blue text in the email really was a link to a URL hosted on the facebook.com domain.