Tech

Facebook Messenger: These hackers hijacked millions of accounts to line their pockets

Deepak GuptaJune 10, 2022
0

PIXM computer security researchers have discovered the existence of a major phishing campaign that targets Facebook Messenger users. Operators of this campaign used stolen accounts to spread phishing messages to friends of victims.

facebook messenger
Credits: Facebook

Phishing remains one of the favorite methods of hackers to make money easily and quickly. To maximize the number of victims and by extension the revenue generated, operators generally target users of popular applications and customers of very large companies. That’s why Apple, Microsoft and Facebook are favorite targets of phishing campaigns.

In April 2022, hackers pretended to be Facebook to hack user accounts. And on this Friday, June 10, 2022, PIXM information security researchers are warning about a new massive phishing campaign on Facebook Messenger.

The principle of the operation is simple: the crooks have developed many phishing sites by taking over the interface of Facebook and Messenger. The goal is to encourage victims to provide their login credentials. Once the hackers had this information, two things happened:

  • victims are redirected to websites that host advertisements, surveys and other ways to generate revenue for the operators
  • stolen Facebook accounts are used to spread the campaign via Messenger

Also read: Facebook Messenger – malware is spreading on messaging, do not click on this link!

8.5 million users fell into the trap

To do this, hackers use automated tools to send other phishing links to friends of compromised accounts. “A user’s account was compromised and, in a likely automated way, the threat actor logged into that account and sent the link to the user’s friends via Facebook Messenger.

And although Facebook has safeguards to prevent the delivery of malicious URLs, operators have used a trick to bypass Messenger’s security. Indeed, phishing messages using legitimate ULR generation services such as litch.me, famous.co, amaze.co or even funnel-preview.com. These URLs are used by many legitimate applications. According to the researchers, 2.7 million users visited one of the phishing portals. This figure has increased to 8.5 million in 2022, reflecting the massive growth of the campaign.

Source : BleedingComputer

We have other articles that may interest you:
  1. The return of the Witcher to Netflix already has a date on the calendar
  2. 5 watches to give away that still arrive before Christmas
  3. What is a magnet link and how is it used in BitTorrent?
  4. Bouygues Telecom integrates Wi-Fi 6E on its most expensive Bboxes
  5. Windows 10 21H2 is now available to all users
  6. Android 13: Google will finally add spatial audio, 2 years after Apple
Deepak GuptaJune 10, 2022
0

Related Articles

The curious aerospace history of Nike Air shoes

May 5, 2022

Sony after the purchase of Activision Blizzard by Microsoft: Sunken in the stock market and with bad omens

January 20, 2022

Amazon announces closure of its Drive file storage service in 2023

July 30, 2022

The OLED Switch uses a 6-year-old processor, and it’s a small miracle

July 7, 2021

Leave a Reply

Your email address will not be published. Required fields are marked *