DarkGate Malware Distributed Via LinkedIn And Facebook Ads

A cyber threat actor is using fake LinkedIn posts and direct messages to trick people into downloading info-stealing malware, such as DarkGate and RedLine. Cybersecurity firm WithSecure has detected and linked this activity to Vietnamese cybercriminal groups responsible for the 'Ducktail' campaigns, which aim to steal valuable Facebook business accounts for malvertising or resale. DarkGate, originally identified in 2017, saw limited use until June 2023 when its author began offering it to a wider audience. Recent instances of DarkGate use include phishing attacks via Microsoft Teams and leveraging compromised Skype accounts to distribute VBS scripts and trigger a malware infection chain. Read more...