A new malware-as-a-service (MaaS) operation named ‘DuckLogs’ has emerged, giving low-skilled attackers easy access to multiple modules to steal information, log key strokes, access clipboard data, and remote access to the compromised host.
DuckLogs is entirely web-based. It claims to have thousands of cybercriminals paying a subscription to generate and launch more than 4,000 malware builds.
The operators appear to provide additional services to some customers, helping them to distribute the payload, a tool to drop files, and an extension changer.
Source: Bleeping Computer