Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Hackers Targeted Afghan Officials on Facebook Amid Taliban Offensive

Facebook revealed Tuesday it had worked to block a hacker group that targeted the accounts of people tied to Afghanistan’s then-government and security forces as the Taliban was moving in to take power.

Facebook revealed Tuesday it had worked to block a hacker group that targeted the accounts of people tied to Afghanistan’s then-government and security forces as the Taliban was moving in to take power.

The Pakistan-based group, known as SideCopy, used “romantic lures” from what appeared to be young women on the platform to try to trick the targets into giving the hackers access to their pages.

Executives from Meta, Facebook’s parent company, did not detail what the ultimate motive appeared to be but noted the attacks were directed at “those with links to the Afghan government, military and law enforcement in Kabul.” 

The hackers’ main technique, known as phishing, was to share links to malicious sites hosting harmful software or to encourage the targets to download compromised chat apps in a campaign that ramped up between April and August.

[ RelatedIs the Taliban a Cyber Threat to the West? ]

After a nearly 20-year insurgency, the Taliban took power in Afghanistan in August as the US-backed government and military collapsed.

As part of the attacks revealed by Facebook, the hackers also set up fake mobile app stores and compromised legitimate sites in an effort to get their prey’s Facebook credentials.

SideCopy also sought to get their victims to download apps containing malware as part of an effort that “had the hallmarks of a well-resourced and persistent operation while obfuscating who’s behind it.”

Advertisement. Scroll to continue reading.

The company did not provide figures on the number of accounts potentially affected or the nature of the information hacked.

It said it has shared the information with the relevant authorities, and warned those affected.

The California-based group also said it “removed” the hackers involved in the Afghan operation as well as a set of three groups of hackers that targeted opposition or government critics in Syria. 

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Shane Barney has been appointed CISO of password management and PAM solutions provider Keeper Security.

Edge Delta has appointed Joan Pepin as its Chief Information Security Officer.

Vats Srivatsan has been appointed interim CEO of WatchGuard after Prakash Panjwani stepped down.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.