+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Over 6 million Facebook users hit by mega ad phishing campaign

Dec 31, 2020, 10:53 IST
IANS
BCCL
New Delhi, Cybersecurity researchers have unearthed a large-scale ad phishing campaign that has compromised accounts of more than 6.15 lakh Facebook users from at least 50 countries, by exploiting the pages of open source repository GitHub.
Advertisement

The list of affected users is growing at a rapid pace of more than a 100 entries per minute, according to ThreatNix, a Nepal-based cybersecurity firm.

The researchers first came across the phishing campaign through a sponsored Facebook post that was offering 3GB mobile data from Nepal Telecom and redirecting to a phishing site hosted on GitHub pages.

The page that posted the ad was using the profile picture and name of Nepal Telecom and was almost indistinguishable from the legitimate page.

"We saw similar Facebook posts targeting Facebook users from Tunisia, Egypt, Philippines, Pakistan, Norway, Malaysia etc," the firm claimed in a statement this week.

Advertisement

According to the firm, the ad phishing campaign is using localised Facebook posts and pages spoofing legitimate entities and targeted ads for specific countries.

Links within these posts then redirected to a static Github page website that contained a login panel for Facebook.

"All these static GitHub pages forwarded the phished credentials to two endpoints one to a Firestore database and another to a domain owned by the phishing group," the researchers noted.

"We discovered almost 500 GitHub repositories containing phishing pages that are a part of the same phishing campaign".

Facebook or GitHub was yet to comment on the ThreatNix report.

Advertisement
ThreatNix said that it is working on taking down the phishing infrastructure by collaborating with relevant authorities "as such we are withholding the information related to the domains until then".

While Facebook takes measures to make sure that such phishing pages are not approved for ads, in this case, the scammers were using Bitly link's which initially must have pointed to a benign page and once the ad was approved, was modified to point to the phishing domain, the researchers explained.


SEE ALSO:
Top stocks to watch — Tata Steel, Vedanta, Adani Green, Tata Motors, Maruti, M&M, DHFL, V-Mart, Indian Bank, and others
Upcoming smartphones in India in January 2021
Google is testing a shortcut feature for TikTok and Instagram videos
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article