At a glance.
- Notes on the Ducktail information stealer.
- Increased VPN demand during the World Cup.
Notes on the Ducktail information stealer.
SecurityWeek reports that researchers at WithSecure (formerly known as F-Secure Business) have observed updates to the Ducktail infostealer, and expansions among the gang that employs it. This malware is said to likely be in use by Vietnam-based actors, with the intent to obtain victims’ credentials. Organizations operating on Facebook’s Business/Ads platform have been seen recently as the targets of the Ducktail campaigns, though the infostealer has been seen previously delivered via LinkedIn. Activity in Telegram may suggest the establishment of an affiliate program for the gang. Losses from Ducktail activity are estimated by WithSecure to vary between $100,000 and $600,000 dependent on the victim.
Increased VPN demand during the World Cup.
With the World Cup in full swing, VPN use is skyrocketing, SafetyDetectives report. Researchers report a 1,038% increase in VPN usage during the first game of the World Cup on November 20, compared to the same day a week earlier. VPNs, or Virtual Private Networks, protect users’ identities, geolocations, and internet traffic, and also have the capability of bypassing censorship and geographic restrictions. World Cup fans may be using VPNs to access coverage in a country outside their location, while travelers may be looking for coverage in their native countries and languages. The BBC's English-language coverage, in particular, has seen more internet traffic recently. While cybercrime can be a factor in the implementation of a VPN, this is likely not the driving factor for the surge.