Facebook takes down hackers in Palestine: Arid Viper and another network linked to the Preventive Security Service (PSS). Facebook security experts are always on the lookout to disrupt adversary operations by disabling them and informing people about the steps they should take to protect their accounts. They share their findings publicly to improve the platform’s security.
According to Facebook’s blog post, they have successfully eliminated the infrastructure used to abuse their platform to distribute malware and hack users’ accounts across the internet.
The post describes the activities of two hacking groups. One targeted domestic audiences in Palestine, while the other targeted users in the Palestinian territories and Syria and, to a lesser extent, Turkey, Iraq, Lebanon, and Libya.
The security experts at Facebook took down their accounts, released malware hashes, blocked domains associated with their activity, and alerted users who believed they were targeted by these groups to help them secure their accounts. Information related to the hacking was shared with other industry partners and the anti-virus community to detect and stop such activities in the future.
Even though they have destroyed the present setup, they are confident such groups will turn up again with new tactics. Facebook’s security team said they would continue working to secure the community platform and to publish their findings in order to make people aware of the threats they see.
People are advised to remain vigilant and take proper steps to protect their accounts: avoid clicking unknown links and avoid downloading software from untrusted sources.
What Did Facebook’s Security Team Find?
The PSS-linked group used a number of tactics, techniques and procedures (TTPs):
- Android Malware
- Windows Malware
- Social Engineering
Threat indicators used
- Android C2 Domains
- Android Hashes
- SpyNote C2
- Windows Malware C2 Domains
- Windows Malware Hashes
- Links to Android Malware
Arid Viper used a number of tactics, techniques and procedures (TTPs):
- Custom iOS Surveillanceware
- Evolving Android and Windows Malware
- Malware Distribution