Tag Archive for: META

Meta cracks down on cyberespionage, warns of ‘perception hacking’ ahead of midterm elections

/in


Meta said it is focused on continuing to disrupt emerging cybersecurity threats, including “perception hacking” efforts that could attempt to create unjustified fears about the security of U.S. elections.

In its new “Quarterly Adversarial Threat Report” released Thursday, Meta details how it took action on two cyberespionage operations and removed three networks that were engaging in coordinated inauthentic behavior (CIB) — campaigns that seek to manipulate public debate.

Since 2017, the company says it has been able to disrupt the activities of coordinated networks aimed at manipulating users with fake accounts using coordinated inauthentic behavior. The efforts have been successful at driving these networks off of Facebook and have made it harder for other entities to maintain access on the social media platform, Meta says.

Meta says in the report that cyberespionage actors tend to target individuals across the internet in an effort “to collect intelligence manipulate them into revealing information and compromise their devices and accounts.”

Meta’s Facebook took action on two separate cyberespionage operations from South Asia this past quarter, both of which used malware to infect users’ devices. One of the operations was from the hacker group known as Bitter APT, the report says.

The hacker group targeted users with malware in New Zealand, India, Pakistan and the United Kingdom, Meta’s report says.

The report also revealed the company had removed networks promoting misinformation and harassment in India, Indonesia, Greece and South Africa.

Additionally, Facebook removed three networks engaged in coordinated inauthentic behavior, including one network linked to an Israeli public relations firm and two troll farms from Malaysia and Russia.

The Russian operation, the self-proclaimed CyberFront Z, focused on targeting global discourse on the war in Ukraine, the report says.

PHOTO: The logo of Meta Platforms is seen in Davos, Switzerland, May 22, 2022.

The logo of Meta Platforms is seen in Davos, Switzerland, May 22, 2022.

Arnd Wiegmann/Reuters, FILE

The pro-Russia operation attempted to mirror the anti-war communities defending Ukraine through the use of fake accounts run by paid posters, the report says. Despite the effort, pro-Ukraine and anti-war comments…

Source…

Meta Ventures into Virtual Currency with “Zuck Bucks”; Sky Mavis Raises $150m Following DeFi Hack

/in


In today’s ExchangeWire news digest: Meta ventures into virtual currency with the development of “Zuck Bucks” and NFTs; Sky Mavis raises USD$150m (£114.7m) just weeks after losing USD$615m (£469m) to crypto hackers; and JD.com founder, Richard Liu, steps down as its chief executive.

 

Meta explores creating virtual “Zuck Bucks”

Facebook-parent Meta has outlined plans to introduce virtual currency and lending services to its apps. Led by founder and chief executive,  Mark Zuckerberg, the company, which also owns Instagram and Whatsapp, is venturing into alternative revenue streams and features to bolster its digital presence. The move comes just months after the collapse of Facebook’s project to launch a cryptocurrency, which had been developed over a period of almost 3 years.

Meta Financial Technologies, the financial arm of Facebook, has been looking into the potential creation of a virtual currency for use in the metaverse. Referred to as “Zuck Bucks” by employees, the currency is unlikely to be blockchain based and will instead take the form of in-app tokens similar to those used in gaming apps, reports the Financial Times.

Meta is also believed to be exploring the creation of “social tokens” or “reputation tokens” to reward users on the platform, in addition to developing “creator coins”, which could be associated with influencers and notable content creators on Instagram.

Aside from its ventures into virtual currency, Meta is also reportedly in the very early stages of exploring traditional financial services, such as helping to provide small business loans at attractive rates. The company’s plans to integrate non-fungible tokens (NFTs) into its apps are said to be more developed, with Mark Zuckerberg confirming that Instagram would soon support NFTs, and an internal memo from Meta outlining a pilot to share and post NFTs on Facebook to launch in May this year.

Meta’s drive towards virtual currency follows months of legal troubles and uncertainty for the big tech giant. In February, Meta lost over USD£220bn (£168.2bn) of its market valuation following the news that users were leaving its apps for competitor platforms, such as short-form video app…

Source…

Facebook parent Meta says Russians targeting Ukrainians with misinformation and hacking attempts on Facebook

/in


Facebook parent company Meta said Sunday night that it has taken down a coordinated Russian influence operation that was targeting Ukrainians across Facebook and Instagram. The company said the misinformation campaign has ties to another Russian network in the Donbas region that was previously banned from Facebook in April 2020. 

In addition to the influence operation, Meta said it also took down a coordinated hacking group attempting to target and compromise accounts within Ukraine.  

“We took this operation down, we’ve blocked their domains from being shared on our platform, and we’ve shared information about the operations with other tech platforms with researchers and with governments,” David Agranovich, director of threat disruption for Meta, told reporters.

Agranovich said the coordinated campaign used fake accounts to target high-profile Ukrainians including journalists, members of the military and public thinkers. Those behind the campaign operated fictitious personas and were also active on YouTube, Twitter, Telegram, and two Russian social media sites “to appear more authentic” and “avoid scrutiny,” Agranovich said.

The operation also ran a handful of websites, Meta said, which would publish claims about the West betraying Ukraine and Ukraine being a failed state. Agranovich said the content created by the influence operators was “primarily off of our platform.”

“The idea was they would write an article, posting that article onto their website as if they were a reporter or a commentator and then the accounts were really just designed to post links to their own websites and direct people off platform,” Agranovich said. 

While Meta described the influence operation as a “relatively small network” consisting of approximately 40 accounts, pages, and groups across Facebook — with fewer than 4,000 followers on Facebook and not even 500 on Instagram — the company would not say how many users interacted with the misinformation or how many times the posts were shared with others. 

“What we’ve generally found is that the best proxy for the size of these operations ends up being the number of people who follow them,” Agranovich said. “In general, what we saw here…

Source…

Meta Expands Bug-Bounty Program to Include Data Scraping

/in


Meta, recently rebranded from Facebook, today announced the expansion of its bug-bounty and data-bounty programs to reward valid reports of so-called scraping bugs and scraped databases with monetary compensation and matched charity donations, respectively.

The move is meant to address the risk of attack activity designed to scrape public and private data, which poses a threat to all kinds of websites and services. Scrapers such as malicious apps, websites, and scripts are constantly being updated to evade detection; the idea here is to make the process harder and more expensive for attackers, explained Dan Gurfinkel, security engineering manager, in a blog post.

The programs will start as a private bounty track for Meta’s Gold+ HackerPlus researchers. The company will reward reports of scraping methods, even if the targeted data is public, he noted. Its goal is to find bugs that allow attackers to bypass scraping limitations and access data at a larger scale than a product intended.

“Our goal is to quickly identify and counter scenarios that might make scraping less costly for malicious actors to execute,” he wrote. To the best of the company’s knowledge, this is the industry’s first data-scraping bug-bounty program.

Lack of proper rate limiting is currently included in the program’s scope, Gurfinkel continued, but its terms don’t allow hackers to automate data access and collection. Meta is encouraging research into logic bypass issues that could enable attackers to access information through untended mechanisms, even if proper rate limits are in place.

Starting Dec. 15, Meta’s bug-bounty program will reward reports of unprotected or openly public databases containing at least 100,000 unique Facebook user records with personally identifiable information (PII) or sensitive data, such as email addresses, phone numbers, physical addresses, or religious or political affiliations.

“The reported dataset must be unique and not previously known or reported to Meta,” Gurfinkel wrote. “We aim to learn from this effort so we can expand the scope to smaller datasets over time.”

If it’s confirmed that PII was scraped and is available on a website outside Meta, the company says it will “work to…

Source…