Meta (formerly Facebook) claims that Pakistani hackers used Facebook to compromise Afghan users on the platform. These Afghan users reportedly had connections to the previous Afghanistan government during the Taliban takeover.
The news was shared by Facebook’s threat investigator during an interview with Reuters. He said that the Pakistani hacker group, known in the security industry as SideCopy, sent people links to malicious websites that could surveil their victims’ machines.
The victims included people with connections to the government, military, and law enforcement in Kabul, according to the Facebook official. The official revealed that these hackers created fake female profiles on Facebook to act as “romantic lures” for their victims. They would gain the victims’ trust, only to send them phishing links or get them to download malicious apps.
They also breached legitimate websites so they could obtain people’s Facebook credentials.
Facebook has already taken steps to remove these hackers from its website. The social media giant disabled their accounts, blocked their domains, shared the hackers’ information with security researchers and law enforcement, and alerted people who were targeted by the hackers.
Facebook’s head of cyber espionage investigations, Mike Dvilyanski, said:
“It’s always difficult for us to speculate as to the end goal of the threat actor. We don’t know exactly who was compromised or what the end result of that was.”