In-article:

Facebook Messenger: These hackers hijacked millions of accounts to line their pockets


PIXM computer security researchers have discovered the existence of a major phishing campaign that targets Facebook Messenger users. Operators of this campaign used stolen accounts to spread phishing messages to friends of victims.

Credits: Facebook

Phishing remains one of the favorite methods of hackers to make money easily and quickly. To maximize the number of victims and by extension the revenue generated, operators generally target users of popular applications and customers of very large companies. That’s why Apple, Microsoft and Facebook are favorite targets of phishing campaigns.

In April 2022, hackers pretended to be Facebook to hack user accounts. And on this Friday, June 10, 2022, PIXM information security researchers are warning about a new massive phishing campaign on Facebook Messenger.

The principle of the operation is simple: the crooks have developed many phishing sites by taking over the interface of Facebook and Messenger. The goal, to encourage victims to provide their login credentials. Once the hackers had this information, two things happened:

  • victims are redirected to websites that host advertisements, surveys and other ways to generate revenue for the operators
  • stolen Facebook accounts are used to spread the campaign via Messenger

Also read: Facebook Messenger – malware is spreading on messaging, do not click on this link!

8.5 million users fell into the trap

To do this, hackers use automated tools to send other phishing links to friends of compromised accounts. “A user’s account was compromised and, in a likely automated way, the threat actor logged into that account and sent the link to the user’s friends via Facebook Messenger.

And although Facebook has safeguards to prevent the delivery of malicious URLs, operators have used a trick to bypass Messenger’s security. Indeed, phishing messages using legitimate ULR generation services such as litch.me, famous.co, amaze.co or even funnel-preview.com. These URLs are used by many legitimate applications. According to the researchers, 2.7 million users visited one of the phishing portals. This figure has increased to 8.5 million in 2022, reflecting the massive growth of the campaign.

Source: BleedingComputer



Source link -101