Facebook disrupted Pakistan hacking group targeting Afghan users: Report
Nov 17, 2021
California [US], November 17: Facebook's parent company announced that it took actions against groups of hackers in Pakistan that targeted people who were connected to the previous Afghan government, military, and law enforcement in Kabul.
The group from Pakistan -- known in the security industry as SideCopy -- targeted people who were connected to the previous Afghan government, military, and law enforcement in Kabul, Meta said in a statement.
In August, Facebook removed a group of hackers from Pakistan that targeted people, particularly those with links to the Afghan government, military and law enforcement in Kabul.
"Given the ongoing crisis and the government collapse at the time, we moved quickly to complete the investigation and take action to protect people on our platform, share our findings with industry peers, law enforcement and researchers, and alert those who we believe were targeted," the company statement said.
The statement added that this malicious activity had the hallmarks of a well-resourced and persistent operation while obfuscating who's behind it. On Facebook, this cyber-espionage campaign ramped up between April and August of 2021 and manifested primarily in sharing links to malicious websites hosting malware.
This Pakistani group created fictitious personas -- typically young women -- as romantic lures to build trust with potential targets and trick them into clicking on phishing links or downloading malicious chat applications.
They operated fake app stores and also compromised legitimate websites to host malicious phishing pages to manipulate people into giving up their Facebook credentials.
SideCopy attempted to trick people into installing trojanized chat apps, including messengers posing as Viber and Signal, or custom-made Android apps that contained malware to compromise devices.
Separately, Meta said that it took action against "three distinct hacker groups with links to the Syrian government," including a group known as the Syrian Electronic Army, which was tied to Syria's Air Force Intelligence; and APT-C-37, a hacker organization that targeted opposition groups.