The campain has been operating in the open on Facebook for 5 years.
Facebook cannot be trusted. In the midst of the company censoring users based on political speech, and openly meddling in elections, a new discovery of an ongoing malware campaign isn’t much of a surprise.
The campaign was discovered by Check Point, was delivering malware through Libya centric Facebook pages. From pages claiming to supply news about Libya, to a fake account of Field Marshal Khalifa Haftar, commander of Libya’s National Army, all that was really being delivered was malware. The payload being delivered was various versions of malware that primarily provided attackers remote access to devices.
Checking on who had registered the command and control servers for the malware, led researchers to discover another Facebook page, which actually shared openly screenshots of the servers, and data which the attackers had stolen. The stolen data included Libyan government secret documents, emails and phone numbers of government officials, as well as photos of officials passports. Thousands have been infected via the malware campaign.
The amount of money which Facebook has put into “security” and “privacy” only to have a multi-year malware campaign which was being publicly shared on it’s own service should be a black eye for the company. And it should also be a warning to anyone that uses Facebook.
Source: Ars Technica