DUCKTAIL Spread via Compromised LinkedIn Profiles
By Cluster25 Threat Intel Team
October 25, 2023
Linkedin has been targeted as reported above using LinkedIn messages as a vector for executing identity theft attacks.
If it’s not enough for North Korean and Iranian hackers using this ultra-popular professional networking web site for cyber espionage, other groups are using it to distribute malware. Cybersecurity experts have tracked a malware strain known as ‘Ducktail’ on the platform that is targeting Italian company employees. Hackers are leveraging fraudulent profiles that offer lucrative job via the platform’s messaging system. The email proclaims that an attached .PDF file contains job details - but contains the Ducktail malware to infect the recipient’s system(s).Worth a quick read to be aware!
Reader Comments