The Zscaler ThreatLabz research team observed a PHP version of ‘Ducktail’ Infostealer distributed in the form of cracked application installer for a variety of applications including games, Microsoft Office applications, Telegram, and others. Notably, Ducktail has been active since 2021; experts say it might be operated by Vietnamese threat group.
Read full article on GBHackers