Facebook Pages Hacked for Malware Distribution Through Ads
Recently, it has been discovered that hackers are accessing well-known, authenticated Facebook sites and utilizing them to launch malicious ad campaigns on the social media giant.
Matt Navarra, a social strategist, discovered the harmful effort and warned of the risk on Twitter.
The campaign’s perpetrators, according to Navarra, started by targeting well-known Facebook sites; one of the victims has more than seven million followers. They have been active for more than ten years.
If they were to obtain access, the hackers would rename the page to something similar to Google, Facebook, or Meta.
Then, they would spend money on a social media network ad that would specifically target page managers and advertising specialists.
You can no longer manage ad accounts in the browser due to security concerns for new users, according to the advertisement. Before posting a download link that is plainly phony, say, “Switch to a more professional and secure tool.”
Clever Ruses
Then, they would spend money on a social media network ad that would specifically target page managers and advertising specialists.
The advertisement states, “You can no longer manage ad accounts in the browser due to security risks for forthcoming users.”
The advertisement concludes, “Switch to a more professional and cybersecurity tool,” followed by a download link that is obviously fake.
- There are several problems with this campaign, according to Navarra, including how the accounts were compromised.
How Facebook permitted the threat actors to rename the page to something vaguely related to Meta while keeping the blue checkmark. - How they were able to actually purchase and run advertisements that, at the very least, directed the target audience to a dubious website.
- According to TechCrunch, Facebook has since disabled all of the affected accounts and stopped the illicit activities.
Additionally, it stated that Facebook sites now display whether and from what sources they have changed their names in the past, which is a nice move to increase transparency.
A Meta representative told TechCrunch that “we invest significant resources into detecting and preventing scams and hacks.”
While many of the changes we’ve made are hard to see since they prevent problems before they arise, scammers are always attempting to circumvent our security measures.