A large-scale campaign that used Facebook pages to spread malware has come to light recently. Experts from the Check Point Research team came across this campaign which is reported to have existed since at least 2014. The attackers mainly targeted victims from Libya as well as from Europe, the US, and China. Remote access trojans (RATs) such as Houdini, Remcos, and SpyNote were extensively used to compromise target machines.
The big picture
Who were the targets?
Check Point experts suggest that the attackers mainly had Libyans as targets in mind. However, there were victims from Europe, the US, and Canada as well.
“The pages deal with different topics but the one thing they have in common is the target audience that they seem to be after: Libyans. Some of the pages impersonate important Libyan figures and leaders, others are supportive of certain political campaigns or military operations in the country, and the majority are news pages from cities such as Tripoli or Benghazi,” the researchers wrote in their blog.