Meta has filed a complaint against hackers who created 39,000 web pages that copy the login pages of company services and use their logos.
These pages were created with the aim of trapping platform users and recovering their credentials.
A large-scale operation
In a statement, Meta said it has filed a lawsuit with a California court to disrupt a major phishing operation. According to the company, the hackers would have created 39,000 web pages imitating the connection pages of the brand’s services, such as Facebook, Instagram, Messenger or WhatsApp. The goal was to trap users and retrieve their login credentials as soon as they entered them on the malicious site.
To succeed in their misdeeds, the hackers used a service called Ngrok, which allowed them to redirect internet traffic to their phishing sites and hide several important information about their structure, such as the location of the sites and the identity of their hosts. In this way, it was difficult for Meta to act directly with them to shut down the sites.
A complaint in order to recover the identities of hackers
When, in March 2021, the company realized that the volume of attacks was increasing sharply, actions were taken jointly with Ngrok, which allowed them to suspend thousands of URLs leading to phishing sites. Today, it is therefore by legal means that Meta intends to act against its attackers and succeed in obtaining their identities.
In the complaint, the company attacks the hackers on phishing, but also on copyright infringements, its logos having been used on the fake pages to make them more realistic. She indicates that the actions of the attackers caused “damage to brands and their reputation as well as to their users. “
This is not the first time that Meta has taken the legal route to attack offenders who harm its platforms and users. In 2019 and 2020, the company attacked two domain name registries. She accused them of offering services that allowed attackers to register domain names close to her own. More recently, six cyber espionage companies have received formal notices following their use of Meta’s platforms to retrieve information about users and infect them with spyware.
Source: The verge
2