An ongoing spear-phishing campaign dubbed “Ducktail” is targeting admin profiles of enterprise networks via LinkedIn, with the motive of taking over Facebook Business accounts and exploiting the Ads function to run malvertising campaigns.
According to researchers at WithSecure, a popular global IT-security firm, the hackers are of Vietnamese origin and have been active since 2018.
Modus operandi
The Ducktail operators have a limited targeting scope and carefully choose their victims, seeking those with administrative access to their employer’s social media accounts. The hacker contacts employees on LinkedIn who may have access to Facebook business accounts, such as those described as working in “digital media” and “digital marketing.”
Subsequently, the hacker lures the potential victim to download a file hosted on legitimate cloud hosting services like D
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: