Skip to main content
Threat actors who are Poisoning Facebook | Research by cybernews.com
Want more relevant cybersecurity-related news & research? CLICK HERE 👉 https://ift.tt/KMXnd8S 🦾 Welcome our first AI-generated spokesperson, let us know your thoughts down in the comments! About us: our dedicated team of security researchers and investigative journalists regularly delves into previously unexplored depths of online security and privacy in order to shed light on stories that often have an unseen influence on the online world at large. A number of our investigations and reports have been featured by industry-related publications and global news leaders like Forbes, PC mag, Techradar. -------------------------------------------------------------------------------- An investigation of the infamous “Is That You?” video scam has led Cybernews researchers to a cybercriminal stronghold, from which threat actors have been infecting the social media giant with thousands of malicious links every day. At least five suspects, thought to be residing in the Dominican Republic, have been identified. READ HERE 👉 https://ift.tt/P2MHSbY -------------------------------------------------------------------------------- It can start with something as seemingly innocuous as a message from a “friend” inviting you to click on a juicy link with something interesting: a music clip, funny video, or anything else you might be interested in. By clicking on them, you will be revealing a bundle of personal details: your name, address, and passwords, which are then harvested for profit by the threat actor who has fooled you. Given its likelihood of being used as a platform for such scams, Facebook has been on the Cybernews radar for some time – in February last year, we exposed the “Is That You?” phishing scam on its Messenger service that had been doing the rounds since at least 2017. Since then, the research team has remained vigilant, keeping tabs on suspect activities on Facebook. Recently, that vigilance was rewarded when we received a tip-off from fellow cyber investigator Aidan Raney – who first reached out to us after our original findings were published – that malicious links were being distributed to users. The new phishing attack was initiated by sending the potential mark a message from one of their Facebook contacts. The message contained what appears to be a video link with a text in German suggesting that they are featured in the clip. Hot for the chase, our cyber detectives began their inquiry by scrutinizing a malicious link sent to one victim, to learn how the scam had been put together. “I figured out what servers did what, where code was hosted, and how I could identify other servers,” said Raney. “I then used this information and urlscan.io [a website that allows one to scan URLs] to look for more phishing links matching the same characteristics as this one.” A thorough search of servers connected to the phishing links turned up a page that was sending credentials to a site called devsbrp.app. Further scrutiny revealed a banner thought to be attached to a control panel, with the text "panelfps by braunnypr" written on it. These details led the research team straight to the perpetrators, in a swift turntable move. Using the threat actor’s own details, Cybernews accessed a website that turned out to be the command and control center for most of the phishing attacks linked to the gang, thought to number at least five threat actors but possibly many more. This provided our intrepid investigators with a trove of information on the crooks behind the Facebook phishing scam, including their likely country of residence – the Dominican Republic. “We were able to export the user list for everybody registered to this panel,” said the Cybernews researcher. “Using the usernames on the list, we started uncovering the identities of as many people on the list as people, but there is still more work to be done. At the time of this video going live, all relevant information has been handed over to the authorities pending further investigation. What you can do to protect yourself? Use unique and complex passwords for all of your online accounts. Password managers help you easily create strong passwords and notify you of password reuse. Use multi-factor authentication where possible. Beware of any messages sent to you, even from your contacts. Phishing attacks usually employ some type of social engineering to lure users into clicking on malicious links or downloading infected files. Be mindful of any suspicious activity on your Facebook or other accounts. Keep up to date with the latest news: ➡️ Visit our site https://cybernews.com/ ➡️ Facebook https://ift.tt/94oVd3A ➡️ Twitter https://twitter.com/cybernews ➡️ #cybernews #TechNewsByAI #cybernewsByAI
For more hacking info and tutorials visit: https://ift.tt/cp3U5M4
Hello and welcome to the temple of cybersecurity. Now you are watching Threat actors who are Poisoning Facebook | Research by cybernews.com published at May 26, 2022 at 08:01AM. If you are looking for tutorials and all the news about the world of hacking and computer security, you have come to the right place. We invite you to subscribe to our newsletter in the box at the top and to follow us on our social networks:
NFT store: https://mintable.app/u/cha0smagick
Twitter: https://twitter.com/freakbizarro
Facebook: https://web.facebook.com/sectempleblogspotcom/
Discord: https://discord.gg/5SmaP39rdM
Ignore tags:
#hacking,#infosec,#tutorial,#bugbounty,#threat,#hunting,#pentest,#hacked,#ethical,#hacker,#cyber,#learn,#security,#computer,#pc,#news
Comments
Post a Comment