Date: 2020-12-14

In a statement released on Dec. 10, Facebook announced it was implementing measures to counter the actions of two groups of hackers: APT32, which operates in Vietnam, and another group based in Bangladesh. Both groups are suspected of using their IT infrastructure to spread malware and hack accounts on Facebook.

Targeted hacking from Bangladesh

The Bangladesh-based group primarily targeted activists, journalists and religious minorities. The accounts of these targets were reported to Facebook so that it would disable them for violating multiple rules.

Facebook security teams then investigated. The reports against these accounts came from two non-profit organizations in Bangladesh. They wanted to hack into multiple users’ accounts and pages, and in some cases use those accounts to grow the audience for their content. Facebook also condemns the use of means outside the platform (misappropriation of email accounts, abuse of the account recovery process, etc.).

To stop this activity, Facebook announced the deletion of the accounts and pages that were behind this operation. The American social network urges its users to stay vigilant by not clicking on suspicious links and not downloading software from untrustworthy sources.

APT32, a threat already known to Facebook

Facebook describes APT32 as a persistent hacking actor in Vietnam. According to the American company, APT32 targets human rights activists based in Vietnam or other places such as Laos and Cambodia. Its attacks also targeted government and non-governmental organizations, news agencies and numerous companies. Facebook announced that it has been tracking the group for several years and that steps are being taken to counter its actions.

Still, the social network created by Mark Zuckerberg has publicly revealed a troubling element of its investigation: APT32’s activities are reportedly linked to a Vietnam-based IT company, CyberOne. Facebook also discovered several sophisticated tactics:

- Fictitious personas: creating fictional people on the Internet posing as activists or companies. Objective: to attract followers with these fake accounts and then use phishing techniques or malware against them.
- Apps in the Play Store: APT32 reportedly encouraged its targets to download Android apps through the Google Play Store. These apps, which hold a variety of permissions, are used to monitor users’ devices.
- Malware distribution: the creation of custom malware that can detect the type of operating system used by a target (Windows or Mac). After the system was identified, APT32 attempted to run malicious software.

To stop all of this, Facebook has blocked multiple posts, accounts and groups on its platform. The American social network also notified the people that APT32 was targeting.

Since the scandals and security flaws that have tarnished Facebook in recent years, the American company has tried to improve the security of its various services. In the spring of 2020, Facebook announced that it was reassigning several employees internally in order to increase the automation of security threat detection.