A LinkedIn phishing campaign is being used to target users with recently identified malware linked to Vietnamese threat actors in order to steal their data and admin rights for financial gain.
Through a phishing campaign that targets LinkedIn accounts, a new malware is gaining access to high-profile Meta Facebook Business and advertising platform accounts. According to researchers, the malware, known as Ducktail, exploits browser cookies from authenticated user sessions to hijack accounts and steal data.
The ongoing campaign, which looks to be the work of financially motivated Vietnamese threat actors, was found by researchers from WithSecure, previously F-Secure, according to a report released on Tuesday. According to analysts, the effort has been running since at least the second part of 2021, and the threat actors who are behind it may have been active online since 2018.