Facebook Pages Hacked To Impersonate Meta
Facebook has reportedly disabled several verified accounts after hackers breached them and used them to spread malware through ads. The hackers used the accounts to target page managers and advertising professionals, promising a more professional and secure tool while sharing a malicious download link.
The hackers targeted popular Facebook pages, and once they gained access, they would change the page’s name into a variant of Meta (Facebook’s parent company) or Google. They would then purchase an ad on the social media platform, targeting page managers and advertising professionals.
The malicious campaign was first detected by social media consultant Matt Navarra, who took to Twitter to warn others about the danger. One of the ads read “Because of security issues for upcoming users, you can no longer manage ad accounts in the browser. Switch to a more professional and secure tool,” before going on to share a fraudulent download link.
In another instance, a hacked verified account purporting to be “Google AI” pointed users toward fake links for Bard, Google’s AI chatbot. That account previously belonged to Indian singer and actress Miss Pooja before the account name was changed on April 29th. That account had been operated for at least a decade and boasted more than 7 million followers.
There were multiple issues with Facebook that allowed this campaign to be possible, including how Facebook allowed the threat actors to change the page’s name into something seemingly related to Meta and keep the blue verification checkmark, and how they could purchase and run ads that contained malicious links.
Facebook has since disabled all of the affected accounts and shut down the malicious campaigns. A Meta spokesperson told TechCrunch that they “invest significant resources into detecting and preventing scams and hacks”. They also said that while many of their improvements are difficult to see, scammers are always trying to get around their security measures.
It’s worth noting that Facebook pages show if the page changed its name in the past and from what, but this hasn’t been enough to prevent this latest surge of scams.