Skip to main content

Market Overview

Tickers

Articles

Keywords

Search by keyword...
googlecse

Facebook Security Undermined By Vietnam-Origin 'DUCKTAIL' Malware, Says Security Firm
Shivdeep Dhaliwal , Benzinga Staff Writer  
 
July 28, 2022 7:11am   Comments
Share:
Facebook Security Undermined By Vietnam-Origin 'DUCKTAIL' Malware, Says Security Firm

Meta Platforms Inc's (NASDAQ: META) social media platform Facebook is the target of an operation dubbed “DUCKTAIL” conducted by a Vietnamese threat actor.

What Happened: WithSecure, a corporate security spinoff  of F-Secure, said in a statement that the ongoing operation targets individuals and organizations that operate on Facebook’s Business and Ads platform.

Workings Of DUCKTAIL operation — Courtesy WithSecure

DUCKTAIL is an information-stealer malware, which is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the targeted Facebook account and ultimately “hijack” any Facebook Business Account it gains sufficient access to, according to WithSecure.

“Based upon analysis and gathered data, we have determined that the operation is conducted by a Vietnamese threat actor. The chain of evidence suggests that the threat actor’s motives are financially driven,” the corporate security company said.

See Also: How To Buy Meta (Formerly Facebook) Shares

Why It Matters: Investigation by WithSecure revealed that the threat actor has been developing and distributing malware linked to the DUCKTAIL operation since the later half of 2021 but evidence suggests that the actor may have been active as early as late 2018 in the cybercriminal space.

WithSecure said it had shared DUCKTAIL research with Meta, who said they were aware of “these particular scammers.”

Meta said it continued to update its systems to detect these attempts but “because this malware is typically downloaded off-platform, we encourage people to be cautious about what software they install on their devices."

WithSecure said in a detailed brief on the malware that the DUCKTAIL operation was exclusively written in .NET Core. The malware scans victims machines for browsers such as Google Chrome, Microsoft Edge, Brave and Firefox.

The stolen information from personal accounts includes name, email, birthday and User ID. Exfilitration of data was done through Telegram.

Price Action: On Wednesday, Meta shares dropped 4.7% lower to $161.65 in the after-hours trading after closing 6.55% higher at $169.58 in the regular session, according to data from Benzinga Pro.

Read Next: Mark Zuckerberg Doubles Down On Facebook And Instagram's Mutation Into TikTok

© 2025 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

 

Related Articles (META)

Elon Musk's Wealth Takes More Than $60 Billion Hit In 2025, As Bill Gates Also Sees Huge Losses—But One Of Them Has Been Donating His Entire Fortune
Deal Dispatch: Performance Food Group And Claire's Lead A Week Of Big Auctions, Retail Woes
QQQ And Friends Hit Highs: Tech ETFs Thrive Despite Trade Turbulence
Nvidia, Broadcom Lead Semiconductor Surge As AI Demand, Tariff Relief And Big Tech Investments Fuel Momentum
What the Options Market Tells Us About Meta Platforms
In-Depth Analysis: Meta Platforms Versus Competitors In Interactive Media & Services Industry
View Comments and Join the Discussion!

Posted-In: Consumer Tech Cybersecurity malwareNews Social Media Tech General Best of Benzinga

Don't Miss Any Updates!
News Directly in Your Inbox
Subscribe to:
Benzinga Premarket Activity
Get pre-market outlook, mid-day update and after-market roundup emails in your inbox.
Market in 5 Minutes
Everything you need to know about the market - quick & easy.
Fintech Focus
A daily collection of all things fintech, interesting developments and market updates.
SPAC
Everything you need to know about the latest SPAC news.
Thank You

Thank you for subscribing! If you have any questions feel free to call us at 1-877-440-ZING or email us at vipaccounts@benzinga.com