Security News
A cybercriminal operation tracked as Ducktail has been hijacking Facebook Business accounts causing losses of up to $600,000 in advertising credits. The gang has been spotted before using malware to steal Facebook-related information and hijack associated business accounts to run their own ads that are paid for by the victim.
Meta Platforms on Tuesday said it took down a network of accounts and pages across Facebook and Instagram that were operated by people associated with the U.S. military to spread narratives that depicted the country in a favorable light in the Middle East and Central Asia. The social media giant stated the individuals behind the activity impersonated the communities they targeted, propagating content in Arabic, Farsi, and Russian that criticized Iran, China, and Russia, and floated themes of increased military cooperation with the U.S. These narratives spanned "Russia's invasion of Ukraine, China's treatment of the Uyghur people, Iran's influence in the Middle East, and the support of the Taliban regime in Afghanistan by Russia and China," Meta said in its Quarterly Adversarial Threat Report.
Meta Platforms is said to have fired or disciplined over two dozen employees and contractors over the past year for allegedly compromising and taking over user accounts, The Wall Street Journal reported Thursday. Included among those fired were contractors who worked as security guards at the social media firm's facilities and were given access to an internal tool that allowed employees to help "Users they know" gain access to accounts after forgetting their passwords, or had their accounts locked out.
Following yesterday's deadly blast on İstiklal Avenue in Istanbul, Turkish authorities began restricting access to social media platforms including Instagram, Facebook, Twitter, YouTube and Telegram as a nationwide broadcast ban went into effect. Reports of a bomb blast taking place on Istanbul's busy İstiklal street began circulating on Sunday, November 13th on social media platforms.
Facebook appears to have silently rolled out a tool that allows users to remove their contact information, such as phone numbers and email addresses, uploaded by others. When users sync the contact lists on their devices with Facebook, it's worth pointing out the privacy violation, which stems from the fact that those contacts didn't explicitly consent to the upload. "Someone may have uploaded their address book to Facebook, Messenger or Instagram with your contact information in it," Facebook notes in the page.
A new Ducktail phishing campaign is spreading a never-before-seen Windows information-stealing malware written in PHP used to steal Facebook accounts, browser data, and cryptocurrency wallets. The malware targeted information stored in browsers, focusing on Facebook Business account data, and exfiltrated it to a private Telegram channel that acted as a C2 server.
A PHP version of an information-stealing malware called Ducktail has been discovered in the wild being distributed in the form of cracked installers for legitimate apps and games, according to the latest findings from Zscaler. "Like older versions, the latest version also aims to exfiltrate sensitive information related to saved browser credentials, Facebook account information, etc.," Zscaler ThreatLabz researchers Tarun Dewan and Stuti Chaturvedi said.
Facebook warns of 400 malicious apps that tried to steal your account credentials. Facebook is advising its users to beware of fake and malicious apps that attempt to hijack your credentials for the popular social network.
Meta Platforms on Friday disclosed that it had identified over 400 malicious apps on Android and iOS that it said targeted online users with the goal of stealing their Facebook login information. 42.6% of the rogue apps were photo editors, followed by business utilities, phone utilities, games, VPNs, and lifestyle apps.
Meta Platforms on Tuesday disclosed it took steps to dismantle two covert influence operations originating from China and Russia for engaging in coordinated inauthentic behavior so as to manipulate public debate. The sophisticated Russian activity, which commenced in May 2022, impersonated mainstream European news outlets like Der Spiegel, The Guardian, and Bild, not to mention build credibility by creating fake accounts across several platforms to amplify pro-Russian narratives.