SURYAA

Home

Telugu Version

English Version

Latest Updates National International Telangana Andhra Pradesh Cinema Business Sports

Let's get Social

Facebook Twitter Google +

Hackers using new malware to steal Facebook Business accounts: Report

 

by IANS |

New Delhi, Nov 26 (IANS) Cybersecurity researchers have discovered a new version of malware from the "Ducktail" family to steal Facebook Business accounts, a new report has shown.


According to the cybersecurity company Kaspersky, cybercriminals are using malicious browser extensions to target company employees who either hold fairly senior positions or work in HR, digital marketing, or social media marketing.


"Their ultimate goal is to hijack Facebook Business accounts, so it makes sense that the attackers are interested in folks most likely to have access to them," the researchers said.


Ducktail is a specifically designed information stealer with serious consequences such as privacy violations, financial losses, and identity theft.


To hack users' FB accounts, cybercriminals behind Ducktail send out malicious archives to their potential victims that contain bait in the form of theme-based images and video files on a common topic.


Inside these archives also include executable files, which contain PDF icons and very long file names to divert the victim’s attention from the exe extension.


Additionally, the names of the fake files appeared to be carefully chosen for relevance so as to persuade the recipients to click on them.


In the fashion-themed campaign, the names referred to “guidelines and requirements for candidates”, but other bait like, say, price lists or commercial offers, can be used as well, the report noted.


After first opening the exe file in the hopes that the victim will not notice anything unusual, it displays the contents of a PDF file that the malicious code has embedded in it.


Notably, the malware simultaneously scans all desktop shortcuts, the Start menu, and the Quick Launch toolbar.


According to the report, the malware searches for shortcuts to Chromium-based browsers, such as Google Chrome, Microsoft Edge, Vivaldi, and Brave.


"Having found one, the malware alters its command line by adding an instruction to install a browser extension, which is also embedded in the executable file," said the researchers.


"Five minutes later, the malicious script terminates the browser process, prompting the user to restart it using one of the modified shortcuts," they added.

Latest News
Bangladesh suicide rates surge in 2020-24, 40 people died daily Tue, Dec 23, 2025, 04:09 PM
EAM Jaishankar meets Lankan ministers, reiterates India's full support Tue, Dec 23, 2025, 04:04 PM
Resolving Delhi's inherited problems on all fronts: CM Rekha Gupta Tue, Dec 23, 2025, 03:55 PM
Free trade pact with New Zealand India's first women-led FTA: PM Modi Tue, Dec 23, 2025, 03:52 PM
CM Stalin writes to EAM after Sri Lankan Navy arrests 12 TN fishermen Tue, Dec 23, 2025, 03:47 PM