Facebook said it has taken direct measures against four distinct groups of hackers from Pakistan and Syria using its platform to spread links to malicious websites.
While Facebook might not sound like the ideal platform for hackers, it turns out that quite a few of them try to take advantage of the reach of this social media platform. Because so many people worldwide use Facebook every day, hackers can use it to distribute malicious links and files, potentially affecting many users at once.
Many of these groups rely on Facebook and other platforms to operate and infect devices. The option to involve law enforcement doesn’t really exist given the location from where they operate, so the next best thing is to take out the intermediary.
“To disrupt these malicious groups, we disabled their accounts, blocked their domains from being posted on our platform, shared information with our industry peers, security researchers and law enforcement, and alerted the people who we believe were targeted by these hackers,” saidMike Dvilyanski, Head of Cyber Espionage Investigations, and David Agranovich, Director, Threat Disruption at Meta.
“The group from Pakistan — known in the security industry as SideCopy — targeted people who were connected to the previous Afghan government, military, and law enforcement in Kabul. In Syria, we removed three distinct hacker groups with links to the Syrian government,” they added.
The Syrian groups are better known, as they were involved in various attacks over the years. The security teams targeted the Syrian Electronic Army (linked with Syria Air Force Intelligence), APT-C-37, and a third one that has no name but targets various people, including minority groups, activists and opposition members in Southern Syria.
The steps Facebook undertook are essential to limit the reach of these groups, but it doesn’t stop them. They will continue to exert influence using other channels, but they might find it more difficult to share malicious links and files for now.