Facebook said it interfered with one Pakistani and three Syrian hacker groups. A Pakistani hack group used Facebook accounts to attack members of the former Afghan government, military and law enforcement agencies.
The researchers say that Pakistani hack group SideCopy created a fake Android app store in order to attack individuals associated with the former Afghan government (even before its fall and the Taliban, banned in Russia, came to power). These attacks lasted from April to August this year.
SideCopy operators created fake Facebook profiles, usually posing as young women, exposed targets, and tricked them into clicking malicious links. These links led to phishing sites that collected credentials, or, in some cases, to bogus app stores that hosted malware-infected Android apps. Typically, hackers used applications disguised as instant messengers and imitated well-known brands such as Viber and Signal.
“Among them were HappyChat, HangOn, ChatOut, TrendBanter, SmartSnap and TeleChat. Some of them are actually active messengers, ”experts say.
In fact, these fakes were infected with remote access Trojans. For example, some applications contained the PJobRAT malware, while others were infected with a previously unknown threat called Mayhem. Both malware allowed hackers to take complete control of infected devices.
In addition, Facebook analysts reported that back in October 2021, they interfered with the work of three Syrian hack groups. These attackers attacked individuals and activists opposed to the regime of Bashar al-Assad.
- Syrian Electronic Army: Persecuted human rights defenders, journalists and others opposed to the regime.
- APT-C-37 : Targets people associated with the Free Syrian Army and former military personnel who have joined the opposition forces.
- Unnamed group: Attacked minority groups, activists, opposition, Kurdish journalists, members of the people’s defense squads, and members of the Syrian Civil Defense or White Helmets (a volunteer humanitarian organization).
Facebook says the first two groups are linked to two units of the Syrian Air Intelligence Force, one of the country’s most influential intelligence services.
Catch up on more stories here
Follow us on Facebook here