Libyan Hacker Delivered Malicious Posts on Facebook Pages, Groups and Profiles

Cyber criminals uses Facebook platform to spread malware to access users’ sensitive data

According to security experts, this platform is one of biggest sources for Cyber criminals to spread malware to spy on targeted machine and collect curial data of innocent users. When we talk about Libyan hacker, this hacker group was since active for past five years. They are responsible for spreading malware across the mobile and desktop devices which help them to manage to access the sensitive infraction of victims in order click on unwanted links and downloading files posted on misleading Facebook page and groups. Let’s take have a look at complete story.

Libyan hacker (suspect) spreads malware across desktop devices and mobile in order to access sensitive data of innocent users

According to report, Libyan hacker is being involved in such illegal activities from last 5 years who have hacked numerous Facebook accounts as well as spread harmful malware as Trojan in targeted machine. Moreover, the main motive of Libyan hacker behinds attack was financial gain as well as political propaganda. Apart from that, they were attacked mainly Libyan users with the help of fake news about country.

Such types of news/topics appeared in various Facebook groups, on pages an profile all over the social media platform the post including photos, messages, hyperlinks, direct downloads mobile applications and other types of contents which forced to join the group and read such news and messages.

Moreover, this malicious activity was spotted due to fake Facebook account used the name of Libyan’s National Army Field Marshal Khaifa Haftar which had more than 11,000 followers. Let’s take have a look at Operation Tripoli report:

Our investigation started when we came across a Facebook page impersonating the commander of Libya’s National Army, Khalifa Haftar. Through this Facebook page we were able to trace this malicious activity all the way down to the attacker responsible for it and find out how they have been taking advantage of the social networking platform for years, compromising legitimate websites to host malware and, in the end, successfully made their way to tens of thousands of victims.

You may also read: Facebook Messenger Being Used to Distribute FacexWorm Cryptocurrency Mining Virus

Impact of Malicious links: Download the malware on targeted machine automatically

Moreover, the Facebook posts delivered by Libyan hacker in various Facebook pages, groups and even in private profiles included malicious links which led victims to Windows Script, VBSCripts and malicious APKs which would download/install malicious Trojan payload once executed. However, it delivered the remote access tool to spy on targeted machine such tools as malware like Houdina, SpyNote and Remcos. Few days after fake Khalifa’s account was spotted, the team began the investigation that revealed multiple other related fake Facebook pages.

Libyan hacker encourages Facebook users to read the malicious posts in order to gain their private details

Libyan hacker delivered malicious Facebook posts in order to collect private detail of users. Apart from that, some malicious posts including photos of pilots who tried to bomb the capital of city of Tripoli, while other showed leaked reports from Libya’s Intelligence units. They were delivered malicious Trojan horse virus through these links and download pages got access to peoples’ personal details like phone number, identity cards, passport numbers, photos and other details.

However, all the hacked data was later made public by hackers which can be very dangerous from of data theft. Anyway, we are researching on the matter very deeply and we will defiantly post an update, if it will come in future. For any suggestions or queries, please write on comment box given below.

You may also read: [Solution] Remove Landpage.co Facebook Virus from PCs/Mobile