The Ducktail malware has come back to haunt the Facebook users once again but this time in its newest form.
According to the cybersecurity researchers, the threat actors behind this campaign are reportedly notorious in hijacking sensitive information from millions of people in the biggest social media hub.
To protect yourself from this malware, here's what you need to avoid. The security experts have some tips that will help you safeguard yourself against these online threats.
New Ducktail Malware Steals Facebook Credentials
Bleeping Computer is the first to report that a new PHP-data stealing malware is robbing Facebook information from the users. The updated Ducktail phishing campaign also steals crypto wallets and browser data.
The Ducktail malware was first discovered in July 2022 by WithSecure cybersecurity experts. The analysts believed that this campaign was spearheaded by an unknown group of hackers from Vietnam.
The older version of the malware was written in NetCore. It usually targets people who joined within Facebook groups, particularly in the Ads and Business platform.
Meanwhile, the updated Ducktail malware comes with wider coverage as it targets more regular users on the social media platform instead of being limited to just Facebook Business users.
As Tom's Guide writes in its latest report, Zscaler cybersecurity firm discovers that the new Ducktail collects personal information from the victims including their PayPal addresses, user payment methods, and more.
"It seems that the threat actors behind the Ducktail stealer campaign are continuously making changes or enhancement in the delivery mechanisms and approach to steal a wide variety of sensitive user and system information targeting users at large. Zscaler's ThreatLabz team is continuously monitoring the campaign and will bring to light any new findings that it will come across," Zscaler, a cybersecurity firm said in a blog post.
Stay Away From ZIP Files
For Facebook users, the experts warn to watch out for suspicious links that urge you to download infected ZIP files. These cracked documents usually contain the pirated versions of the movies, games, apps, and more.
Zscaler notes that this Ducktail infostealer malware can appear as pop-up ads on your browser. If it displays "Checking Application Compatibility," stay away from it at all costs.
The threat actors used to send the victim's data from the computer to Telegram before. However, they have already improved their data storage by keeping them in a JSON website.
Related Article : Meta Finds Over 400 Malicious Apps Spreading Malware on Facebook
How to Stay Protected Against Ducktail Malware
Avoiding the new Ducktail malware version comes with careful browsing. To safeguard yourself from this cyber threat, do not attempt to download pirated software and apps from random websites.
Since it can also steal your passwords, you should refrain from storing them in your browser. You can start using a reliable password manager for additional security.
Digital Trends recommends the users to use the updated version of an antivirus software to heighten their protection against this dangerous malware variant.
This article is owned by Tech Times
Written by Joseph Henry