April 13, 2024

Facebook: PHP version of Ducktail malware steals user accounts

A phishing script written in PHP steals the accounts of targeted Facebook users. The malware is a variant of the Ducktail family. In addition to Facebook accounts, the script can access data stored in the browser and in cryptocurrency wallets.

The Ducktail malware was discovered a few months ago and mainly targets people and businesses who use Facebook business accounts. The program took over a year to develop and was distributed via email. The attackers use social engineering techniques and select their targets via the professional network LinkedIn. The application is delivered as an archive containing photos, videos and documents. Once the file is downloaded and opened, browser cookies are read and sent to the attackers' server.

PHP Malware

A new version of the malware has now been detected that is difficult for antivirus applications to detect. According to Zscaler, a fake app that contains a PHP interpreter and various text files is installed. To ensure that the components actually run, the malware creates tasks in the Task Scheduler. The actual code used to steal Facebook accounts is a base64-encoded PHP script. The content is decoded directly in memory, so the code is never written to disk and is therefore not necessarily recognized.
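As an added defensive example (not code from the article or from Zscaler), the following Python scanner flags Task Scheduler actions that launch a PHP interpreter or pass an eval/base64 payload on the command line, and recognises base64 blobs in text files that decode to PHP source, the two traits described above. The task XML, the file path and the blob are constructed samples, not indicators from the article.

```python
import base64
import binascii
import re
import xml.etree.ElementTree as ET

# Markers that reveal a decoded blob is PHP source rather than ordinary data.
PHP_MARKERS = ("<?php", "eval(", "base64_decode(", "file_get_contents(")
B64_RE = re.compile(r"^[A-Za-z0-9+/]+={0,2}$")

def decode_php_payload(text):
    """Return the decoded PHP source if `text` is a base64 blob of PHP, else None."""
    blob = "".join(text.split())                 # tolerate line wrapping
    if len(blob) < 8 or not B64_RE.match(blob):
        return None
    try:
        raw = base64.b64decode(blob, validate=True)
    except binascii.Error:
        return None
    decoded = raw.decode("utf-8", errors="ignore")
    return decoded if any(m in decoded for m in PHP_MARKERS) else None

def suspicious_task_actions(task_xml):
    """Flag <Exec> actions in a Task Scheduler XML export that start a PHP
    interpreter or carry eval/base64 payloads in their arguments. The XML
    namespace is stripped so the check works on any exported task definition."""
    hits = []
    root = ET.fromstring(task_xml)
    for el in root.iter():
        if el.tag.rsplit("}", 1)[-1] != "Exec":
            continue
        fields = {c.tag.rsplit("}", 1)[-1]: (c.text or "") for c in el}
        cmd = fields.get("Command", "")
        args = fields.get("Arguments", "")
        exe = cmd.replace("\\", "/").rsplit("/", 1)[-1].lower()
        if exe in ("php.exe", "php") or "eval(" in args or "base64_decode" in args:
            hits.append({"command": cmd, "arguments": args})
    return hits

# Constructed sample task (hypothetical path and file name): a PHP interpreter
# dropped into a user-writable folder runs a base64 blob read from a text file.
SAMPLE_TASK_XML = """<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Actions Context="Author">
    <Exec>
      <Command>C:\\Users\\Public\\app\\php.exe</Command>
      <Arguments>-r "eval(base64_decode(file_get_contents('data.txt')));"</Arguments>
    </Exec>
  </Actions>
</Task>"""

# Constructed sample blob: base64 of "<?php echo 1;"
SAMPLE_BLOB = "PD9waHAgZWNobyAxOw=="

if __name__ == "__main__":
    for hit in suspicious_task_actions(SAMPLE_TASK_XML):
        print("suspicious task action:", hit)
    print("decoded blob:", decode_php_payload(SAMPLE_BLOB))
```

On a real host, feed it the output of `schtasks /query /xml` and the contents of text files sitting next to an unexpected php.exe.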

The developers are also targeting personal accounts

In addition to business accounts, Ducktail is said to target private user accounts as well. If business accounts are compromised, an attempt is made to access payment method information. Given the continued development of the Ducktail program, it can be assumed that the hackers behind the malware will keep working on it and release new variants. As usual, it is a good idea to be wary of messages from unknown senders and to check files closely before downloading them, to avoid installing malware.
