Meta, the parent company of Facebook, has uncovered a new social media espionage campaign in which cyber criminals launch social engineering attacks on Facebook and Instagram users by asking them to click on malevolent links, download malware, or share personal details.
According to the security teams’ analysis, three different threat actors were involved in this campaign and were assigned to focus their malicious goals on users from South Asian countries such as India, Bangladesh, Pakistan, Maldives, Sri Lanka, Nepal, Bhutan, Afghanistan, and others.
Guy Rosen, the CIO of Meta, confirmed the news and added that fake accounts created by impersonating beautiful women were taken down, and those who were contacted by criminals in the name of journalists, recruiters, or romance seekers were also taken down.
As the espionage was conducted at a high level, it remained concealed from many app verification software programs on Apple and Android devices.
Iran-based cyber hacking group Bahamut, Indian threat actor named Patchwork, and two state-funded actors from China are found to be behind the campaign.
It is unclear why the threat actors focused their campaign on South Asian countries, but some threat analysts say that all the countries targeted were either developing or lowly developed nations, where law enforcement is not much capable of detecting such attacks promptly.
NOTE: It is better not to click on links sent by unknown connections and to avoid downloading apps from unofficial web resources.