 |
| Facebook takes action against hackers in Syria and Pakistan |
Facebook has shared its actions against four different hacker groups in Pakistan and Syria in the past few months.
To subvert these malicious groups, the company has disabled accounts, banned their domains from spreading across the platform, and shared information with industry peers, security researchers, and law enforcement agencies.
This Pakistani organization, known in the security industry as SideCopy, targets people with ties to the former Afghan government, army and law enforcement agencies in Kabul.
In Syria, the company has edited three different series with links to the Syrian government.
The first Syrian network, known as the Syrian Electronic Army, SEA or APT-C-27, targeted human rights defenders, journalists and other groups that opposed the ruling regime. Facebook linked this activity to the Syrian Air Force Intelligence.
The second network in Syria - known in security circles as APT-C-37 - targets individuals associated with the Free Syrian Army and former soldiers who later joined opposition forces.
The Facebook investigation links this APT-C-37 activity to what it considers to be an independent unit in the Syrian Air Force Intelligence Service.
This process includes social engineering strategies to trick people into clicking links to malicious websites that contain malware or phishing campaigns intended to gain access to people's Facebook accounts.
The Third Syrian Network is also targeting ethnic minorities, activists and opposition groups in southern Syria, including As-Suwayda, Hauran, Quneitra, Deraa, Kurdish journalists and activists, as well as the Syrian Civil Protection or the White Helmets Voluntary Humanitarian Organization.
The Facebook investigation revealed links between the activity and people linked to the Syrian government.
Threat intelligence analysts and security experts at META are dedicated to detecting and responding to a variety of threats. Including cyber espionage, operational impact and platform penetration by government agencies and other groups.
As part of this effort, the company's team often disables referrals. And let users know if they need to take any action to protect their account. and share their findings publicly and continue to improve the safety of their products.
Facebook kills a Syrian hacker network
The SideCopy group shares links to websites that host malware that can spy on users' devices. The company removed SideCopy from its platform in August.
The social media company said the organization had created fictional characters for young women as romantic temptations. This is done to build trust and get the target to click on a phishing link or download a malicious chat app.
It also corrupts legitimate websites to trick people into revealing their Facebook credentials.
“It is always difficult to predict the end goal of an entity that is a threat,” said Mike Devliansky, head of Facebook's cyber espionage investigation. We don't know exactly who is at risk or what the end result will be.
Major internet platforms such as Facebook, Twitter, Google and Microsoft have taken steps to shut down Afghan user accounts. It was during the Taliban's swift takeover of the country last summer.
Facebook said it had not previously disclosed hacking activity and said activity escalated from April to August. Because of the security concerns of its state employees and the need for more work on investigating the network. It stated that it had previously exchanged information with the US State Department when it suspended its operations.
David Agranovic, head of global threats and sabotage at Facebook, said the Syrian and Afghan issues showed that cyber-espionage groups took advantage of the insecure time when people were most likely to be tampered with during the conflict.