Facebook Shuts Down Two Hacking Groups in Palestine
Social media giant Facebook today announced that it took action against two groups of hackers originating from Palestine that abused its infrastructure for malware distribution and account compromise across the Internet.
As part of the shutdown operation, Facebook took down accounts, blocked domains, sent alerts to people who were targeted, and released malware hashes to the public.
The threat actor employed a large infrastructure of more than one hundred websites that hosted iOS and Android malware, were designed for phishing, or functioned as command and control servers.
"They appear to operate across multiple internet services, using a combination of social engineering, phishing websites and continually evolving Windows and Android malware in targeted cyber espionage campaigns," Facebook says.
The malware was packed inside a trojanized, fully functional chat application and could direct victims to phishing pages for Facebook and iCloud.
The distribution of malware relied on social engineering, with 41 attacker-controlled phishing sites used to distribute the Android malware, and a third-party Chinese app development site employed for the delivery of iOS malware.