Hackers have seized millions of Facebook messenger accounts

by admin, Monday, 13 June 2022 (2 months ago)

Phishing remains one of the favorite methods of hackers to make money quickly and easily. To maximize the number of victims and consequently the revenue generated, providers generally target users of popular applications and customers of very large companies. This is why Apple, Microsoft and Facebook are favorite targets of phishing campaigns. In April 2022, hackers pretended to be Facebook to hack users’ accounts. And now, PIXM Information Security Researchers warn of a new mass phishing campaign on Facebook Messenger.

So, the principle of operation is simple: hackers have developed many phishing sites by taking over the interface of Facebook and Messenger. The goal is to encourage victims to provide their login credentials. Once the hackers had this information, two things happened: Victims are redirected to sites that host ads, surveys, and other forms of revenue for operators, and stolen Facebook accounts are used to spread the campaign through Messenger.

Hackers make millions of dollars from a huge phishing campaign on Facebook Messenger

Facebook messenger

To do this, hackers use automated tools to send other phishing links to friends whose accounts have been compromised. “A user’s account was attacked and, in a possible automated way, the threat agent logged into that account and sent the link to the user’s friends via Facebook Messenger.”

And even though Facebook has security flaws to prevent malicious URLs from being delivered. Operators have used a trick to circumvent Facebook Messenger security. Indeed, e-mail messages using legitimate ULR production services, such as litch.me, famous.co, amaze.co or even funnel-preview.com. These URLs are used by many legitimate applications. According to the researchers, 2.7 million users visited one of the phishing portals. That number rose to 8.5 million in 2022, reflecting the massive growth of the campaign.

Colombian Police and Interpol have received the results of the PIXM investigation. but the campaign is still ongoing, despite the fact that many of the recognized URLs are offline.

Rate this news


Your email address will not be published.