These operations typically involve sophisticated attacks that are designed to steal sensitive information from Meta’s servers, such as user data or intellectual property.
In response, Meta has implemented a range of security measures to detect and prevent such attacks. In particular, Meta has reported stopping several large-scale cyber-espionage operations on its platforms Facebook and Instagram.
Threat Actors
Recently, specialists at Meta uncovered massive cyber espionage campaigns on its platforms Facebook and Instagram that were aimed at users from South Asia. The attacks were carried out by three different Advanced Persistent Threat (APT) groups, each using hundreds of fake social media accounts to deceive users and steal sensitive information.
One of the tactics used by the APT groups was the creation of fake accounts using a “Romance scam” scheme. They also created fake accounts disguised as recruiters, journalists, or military personnel.
GravityRAT
One of the APT organizations that caught Meta’s notice is a Pakistan-based organization that infected armed forces in India and Pakistan through a network of 120 Facebook and Instagram profiles, rogue applications, and webpages.
The group used the GravityRAT malware. This trojan entices potential victims by disguising itself as leisure and cloud storage programs. Once installed on a victim’s device, the malware may steal important information, including passwords, emails, and messages. It can also install additional spyware onto the device, track keystrokes, and capture screenshots.
Bahamut
Bahamut is another APT-linked malware group that Meta discovered. This organization has been employing a range of strategies, including the use of Android malware available on the Google Play Store, to target activists, government employees, and military personnel in India and Pakistan.
Patchwork
One more APT organization that has been focusing on users in South Asia and elsewhere is called Patchwork. Using malicious applications posted to the Google Play Store, this Indian organization has been gathering private user information from victims in Pakistan, India, Bangladesh, Sri Lanka, Tibet, China, and other nations.
Other Ransomware Campaigns
The administration also stopped six illicit activities that were part of a “coordinated operation” on Facebook, Twitter, Telegram, YouTube, Medium, TikTok, Blogspot, Reddit, and WordPress, and that originated in the United States, Venezuela, Iran, China, Georgia, Burkina Faso, and Togo.