Meta disrupts accounts operating espionage campaigns against Ukraine

April 21, 2022
Meta Facebook User Accounts Espionage Cyberattack Campaign Ukraine

Meta reveals disrupting the malicious operations of numerous Russian and Belarusian threat actors that targeted Ukraine via espionage campaigns in the past two months. The campaign is reported to have originated from government-linked groups in Russia and Belarus that actively launches cyber espionage operations against many sectors in Ukraine.

According to Meta, they have eliminated 27 accounts, two pages, and three groups from Facebook, while four Instagram accounts were also removed. This action is after the mentioned network has violated the firm’s policy against inauthentic behaviour, being operated by threat actors from Russia and Ukraine that targeted the latter country.

The tech giant also added that the eliminated network had used fake accounts to operate made-up profiles and company brands online. The malicious activity was tied to the notorious Russian Internet Research Agency known for prying in the 2016’s US presidential election.

Russian accounts were also conducting mass report operations against users who posted and spread the news about the Russia-Ukraine war.

 

Bot activities were also detected performing espionage campaigns on Facebook and Instagram from Azerbaijan, Brazil, El Salvador, Iran, Costa Rica, and the Philippines.

 

These threat groups performing the attack campaigns from the mentioned countries targeted journalists, democracy activists, opposition, and critics of the Russian government. For instance, the threat actors from Azerbaijan executed several attack methods to propagate the campaign, including phishing, hacking and social engineering, that ultimately violated the Facebook policies.

Meta explained that the campaigns aim to obtain personal information of their targets and promote certain narratives about the operators or on their behalf for their gain. Some groups even used malware and other vectors to steal victims’ sensitive credentials.

Aside from Azerbaijan, similar malicious activities were observed in the countries involved in Meta’s massive disruption, like how a Brazilian military-linked group violated the platform’s rules by attempting to criticise environmental NGOs that protested against deforestation in the Amazon.

In Iran, many hackers partaking in the campaign targeted the Saudi military, human rights activists, politicians, activists, and journalists. With various attack vectors, these threat actors were focused on stealing credentials to execute more cybercrime.

Meta’s continuous effort against espionage campaigns is expected to persist, especially at a critical time like the ongoing Russia-Ukraine war. Social media users are advised to be vigilant as they use the internet daily and avoid engaging in malicious activities that might affect their security.

About the author

Leave a Reply