Facebook parent company Meta disclosed that it took action against two espionage operations in South Asia that leveraged its social media platforms to distribute malware to potential targets.
The first set of activities, which the company described as “persistent and well-resourced,” was undertaken by a hacking group tracked under the moniker Bitter APT (aka APT-C-08 or T-APT-17) and targeted individuals in New Zealand, India, Pakistan, and the U.K.
“Bitter used various malicious tactics to target people online with social engineering and infect their devices with malware,” Meta said in its Quarterly Adversarial Threat Report. “They used a mix of link-shortening services, malicious domains, compromised websites, and third-party hosting providers to distribute their malware.”
The attacks involved the threat actor creating fictitious personas on the platform, masquerading as attractive young women in a bid to build trust with targets and lure them into clicking on bogus links that deployed malware.
But in an interesting twist, the attackers convinced victims to download an iOS chat application via Apple TestFlight, a legitimate online service that can be used for beta-testing apps and providing feedback to app developers.