There is a new version of Ducktail that is being used to target Facebook users. The first implementation was meant for Facebook Business accounts.
Any and all Facebook data can be found in the latest version of Ducktails. It is possible that payment methods could be discovered if it is a business account. It is possible that billing information and cycles could be used to help disguise unauthorized purchases.
Bleeping Computer shared a detailed account of Ducktail. The first version relied on a LinkedIn campaign with hackers posing as marketing and human resources professionals in order to deliver a piece of software. There are file-sharing networks that host cracked software, games, and adult videos.
This is likely the reason for the broader scope of the malware, which has moved beyond Facebook Business accounts to harvest browser data, cryptocurrencies, and any personal Facebook account data that might be of use.
Even though it's human readable code, you can't detect it on your disk drive because it's compressed and stored in Base64 It's possible that your computer has a lot of useful script in place, so it's not a bad idea to uninstall all of them. Wait for the latest update to your software to detect and remove this nasty variant.
It is the best way to protect yourself from cyberattacks. It's important to use caution when you're on the internet. It is possible to get you to install malicious software on your computer if it seems too good to betrue. Keep an eye on your accounts, data, and money.
There is a recommended video.