Researchers uncover cybercriminal stronghold targeting Facebook users

Facebook icon on mobile screen

The Facebook Messenger ‘Is That You?’ video phishing scam has been around since 2017, but a recent investigation into it by researchers at Cybernews has led to the discovery of what they’re calling a ‘cybercriminal stronghold’.

Threat actors are using this to infect the social network with thousands of malicious links each day. The research has also identified at least five suspects, thought to be residing in the Dominican Republic.

Following a tip off from cyber investigator Aidan Raney, the Cybernews team discovered thousands of phishing links had been distributed, through a devious network sprawling across the back channels of the social media platform.

Using the threat actor’s own details, Cybernews accessed a website that turned out to be the command and control center for most of the phishing attacks linked to the gang. “We were able to export the user list for everybody registered to this panel,” says the researcher. “Using the usernames on the list, we started uncovering the identities of as many people on the list as people, but there is still more work to be done.”

All relevant information has been handed over to the authorities pending further investigation. Meanwhile you should protect yourself by using complex passwords, enabling multi-factor authentication and being wary of unexpected messages on social media, even if they appear to come from contacts.

You can find out more about the investigation on the Cybernews site.

Image credit: BigTunaOnline / Shutterstock

Author: Martha Meyer