Hackers from Pakistan used Facebook to target people in Afghanistan with ties to the previous government when the Taliban ruled the country, a report said. the company’s threat analysts in an interview with Reuters.
Facebook says the group, known in the security industry as SideCopy, shares links to websites that contain malware that can monitor people’s devices. The targets include people associated with the government, military and law enforcement in Kabul, it said.
Facebook said it removed SideCopy from its platform in August. The social media company, which recently changed its name to, said the group created impersonators of young women as “momantic lures” to build trust and trick targets into clicking phishing links. or downloading malicious chat programs.
It also compromised legitimate websites that allow people to submit their Facebook credentials. “It’s always difficult for us to predict the ultimate goal of the threat actor,” said the head of cyber crime research, Mike Dvilyanski.
“We don’t know exactly who messed it up or what the outcome of that was.” Major online media and email companies including Facebook, Twitter Inc, Alphabet Inc’s Google and Microsoft Corp’s LinkedIn said they had taken steps to lock down Afghan users’ data at the time. The Taliban overthrew the government this past summer.
Also read: US blacklists Israeli hacking equipment vendor NSO Group
Facebook said it did not initially disclose the hacking attack, which it said increased between April and August, because of security concerns about its employees in the country and the need for more work to investigate. eat the connection. He said he shared information with the US State Department when the operation was dismantled, which he said appeared to be “well-resourced and sustainable”.
The researchers also said that Facebook last month deleted the accounts of two hacking groups that were linked to the Syrian Air Force Intelligence. Facebook said one group, called the Syrian Electronic Army, targeted human rights activists, journalists and other opponents of the regime, while the other, called APT-C- 37, targeted people associated with the Free Syrian Army and former military personnel. joined the opposition forces.
Facebook’s head of global terrorism, David Agranovich, said the Syria and Afghanistan issues showed the social media groups are use moments of uncertainty in times of conflict when people are most susceptible to manipulation.
The company said that the third hacking network in Syria, which was linked to the Syrian government and removed in October, was aimed at minority groups, activists and members of the People’s Protection Group (YPG) and Syria Civil Defense, or White Helmets.
It is said that this group used Facebook for social engineering and shared malicious links to sites controlled by the attackers with programs and updates to the United Nations, White Helmets, YPG, Facebook-owned WhatsApp and Alphabet’s YouTube.
A Facebook spokesperson said the company has notified about 2,000 users affected by the campaign in Afghanistan and Syria, most of them in Afghanistan.
Leave a Reply