

“You can imagine surveillance, you can imagine a range of secondary consequences,” Facebook Head of Security Policy Nathaniel Gleicher said. While the hackers targeted a small number of users relative to what the company sees in disinformation operations, Facebook stressed that a small, well-chosen group of targets can result in huge impacts. On iOS devices, the hackers leveraged malware known as Insomnia.

When downloaded, those fake apps infected devices using two strains of Android trojan malware, ActionSpy and PluginPhantom. They focus on attempts to gain access to targets’ devices with watering hole attacks and lookalike domains, including a fake Android app store offering prayer apps and Uyghur-themed keyboard downloads. Though Facebook says social engineering efforts on the platform are “a piece of the puzzle,” most of the hacking group’s efforts take place elsewhere online.

Through fake accounts on Facebook, the hackers posed as activists, journalists and other sympathetic figures in order to send their targets to compromised websites beyond Facebook. Facebook’s security and cyberespionage teams began seeing the activity in 2020 and opted to disclose the threat publicly to maximize the impact on the hacking group, which has proven sensitive to public disclosures in the past. The group, known to security researchers as “Earth Empusa,” “Evil Eye” or “Poison Carp,” targeted around 500 people on Facebook, including individuals living abroad in the United States, Turkey, Syria, Australia and Canada. Facebook on Wednesday announced new actions to disrupt a network of China-based hackers leveraging the platform to compromise targets in the Uyghur community.
