The running and distribution of advertisements which were about “counterfeit goods” and “dietary pills” was the only purpose of compromising the accounts in question.
The aforementioned company, per reports, goes by the name of “ILikeAD Media International Company Ltd.” It is, according to sources represented by the authors of the malware scheme, namely, "Huang Toa" and "Chen Xiao Cong".
Purportedly, the aforementioned authors apparently employed two basic ploys to mask their actual aim.
Using images of celebrities, aka “celeb bait” to lure people into clicking on them is one of them and the other happens to be a something called “Cloaking”.
Cloaking refers to the act of hiding something from the Facebook systems so that the real destination of a link an advertisement is concealed.
The ad after getting clicked on would lead the users to the genuine “landing page” whereas Facebook would be tricked into seeing a version that’s legitimate according to the policies and terms of the advertising policies.
Per Facebook, in most cases, Cloaking is fool proof as it hardly ever leaves tracks behind, making it pretty tough to realize the identity of actors. This majorly happens to be the reason why there are no specific rules about this.
Reportedly, another attack along the same lines was observed when fake PDF file editor was being pushed only to steal Amazon and Facebook session cookies. The malware at work, per reports goes by the name of “Socelars”.
Along with session cookies, other data like access tokens, email addresses, credit card information, account IDs et cetera were allegedly constituted a part of the compromised data.
The cookies are later on used to link with several Facebook URLs where one among them accesses the “account_billing” directory.
The information allowing users to call a Facebook Graph API and extract data from the users’ Ads Manager settings is the major part of what’s inside the directory.
The malware which was being distributed via numerous websites was in actuality a new “Trojan” which had almost nothing in common with the other types.
There’s no knowing if the above-mentioned malware has anything to do with the organization that Facebook sued but it surely suits the description.
All the users who had fallen prey to the schemes pulled off by the cyber-cons were handsomely compensated for, along with getting their accounts secured and free of any unauthorized access.
Facebook is very well aware of the jeopardy its users almost got into and is all in for taking precautionary measures as to erase any chances of repetition.
Read more https://www.ehackingnews.com/2019/12/facebook-files-lawsuit-against-company.html
