Facebook has revealed that the social networking company has disrupted a network of hackers tied to China that were trying to distribute malware through malicious links through fake profiles. Since the discovery, Facebook’s security team has taken action against the group and disabled the fake accounts and notified the users who were targeted.
According to Facebook, the hackers were targeting activists, journalists and dissidents, predominantly among Uyghurs from Xinjiang in China, living abroad in Turkey, Kazakhstan, the US, Syria, Australia, and Canada. The social network said that the hackers were trying to collect information on the targets. In order to do that, the hackers shared links from legitimate and lookalike news websites.
Apart from sharing malicious links, the hackers concealed their identities by infecting people’s devices with malware after they passed certain technical checks. Facebook initially became aware of the attempts in mid-2020. Since then, the social networking giant has taken down the accounts.
Nathaniel Gleicher, head of security policy for Facebook said, “Measuring impact and intent can be challenging but we do know even for the small number of users around the world, the consequences [of being hacked] can be very high and that is why the team took this so seriously. It’s a small number of targets, under 500 for the entire campaign, but that is only for the aspects that touched Facebook in some way. The majority of what this threat actor has done took place off Facebook.”