More than 6,000 victims have been compromised by the new DuckLogs malware-as-a-service operation, whose platform is being leveraged by over 2,000 cybercriminals, according to BleepingComputer.
Cyble researchers discovered that DuckLogs features an info-stealing component aimed at exfiltrating hardware and software information; browser-stored account credentials and cookies; local disk files; data from messaging apps; Outlook and Thunderbird emails; FileZilla and TotalCommander data; CrypticVPN, OpenVPN, NordVPN, and ProtonVPN data; Steam, Minecraft, Battle.Net, and Uplay accounts; and Metamask, Exodus, Coinomi, Atomic, and Electrum cryptocurrency wallets.
DuckLogs also has a remote access trojan component that could facilitate the execution of files retrieved from the command-and-control server. Researchers also found more than 100 other modules in DuckLogs, supporting keystroke logging and a clipper, and the malware could also evade Windows User Account Control.
Spam and phishing emails are the likely initial infection vectors leveraged by threat actors using the DuckLogs malware in their attacks, said the report.
North Korean hackers stole $630 million in cryptocurrency assets in 2022, the highest on record, reports Reuters. North Korean threat actors leveraged sophisticated techniques to facilitate the record-high theft of virtual assets, which are being allocated toward the country's nuclear weapons programs, according to a United Nations report. The figure comes after a cybersecurity firm earlier reported that more than $1 billion in cryptocurrency had been stolen by North Koreans last year. "The variation in USD value of cryptocurrency in recent months is likely to have affected these estimates, but both show that 2022 was a record-breaking year for DPRK (North Korea) virtual asset theft," said the U.N. report.
Several financial institutions in Brazil have been targeted by the novel Android banking trojan PixPirate that exploits the PIX payments platform for fraudulent activities, according to The Hacker News.