Facebook Finds More Ukraine-Themed Hacking, Disinformation
Facebook Finds More Ukraine-Themed Hacking, Disinformation
(Bloomberg) -- Meta Platforms Inc.’s Facebook blocked efforts by Russian and Belarus-aligned groups to conduct cyber-espionage and launch a disinformation campaign focused on the war in Ukraine, the company said Thursday.
Suspected Belarus-backed hackers attempted to compromise Facebook accounts belonging to dozens of Ukrainian military personnel and tried posting videos urging Ukraine’s army to surrender to Russian forces, Facebook said. The campaign, carried out by a documented disinformation group known as Ghostwriter, was largely blocked, according to the company.
Ghostwriter “typically targets people through email compromise and then uses that to gain access to their social media accounts across the internet,” Facebook said.
In addition to the suspected Belarus-backed hacking, the Facebook report also detailed the detection and blocking of efforts by Russia’s Internet Research Agency to create fake accounts on Facebook. Researchers determined that Russia’s IRA posed as a Western human rights group and published articles blaming NATO for Russian violence.
The disclosure came as part of a security threat report from Facebook, a regular initiative that started after U.S. intelligence concluded that Russian organizations, including the IRA, exploited social media in the 2016 presidential election. The latest report highlights the range of threats facing social media users, including the spread propaganda and the use of decoy profiles by hackers to ingratiate themselves with targets and get them to unwittingly infect their machines.
Facebook also identified separate campaigns, which the company blocked, where hackers associated with the Iranian government attempted to create fake profiles. Attackers posed as recruiters, human rights activists or academics, to trick specific targets including dissidents, politicians and journalists into engaging and downloading malicious software to their computers.
The company recommended a series of steps for users to further protect themselves, including the use of virtual private network software and two-factor authentication on their accounts.
©2022 Bloomberg L.P.