Facebook on Tuesday said it has removed from its platform a group of hackers from Pakistan that created fictitious profiles – typically of young women – as romantic lures to build trust with potential targets in Afghanistan and trick them into clicking on phishing links or downloading malicious chat apps.
The group, known as SideCopy, targeted people who were connected to the previous Afghan government, military, and law enforcement agencies in Kabul.
“We disabled their accounts, blocked their domains from being posted on our platform, shared information with our industry peers, security researchers and law enforcement agencies, and alerted the people who we believe were targeted by these hackers,” Facebook (now Meta) said in a statement.
The Pakistan-based hackers operated fake app stores and also compromised legitimate websites to host phishing pages designed to manipulate people into giving up their Facebook credentials.
SideCopy attempted to trick people into installing trojanised chat apps (containing malware that misled people about its true intent), including messengers posing as Viber and Signal, or custom-made Android apps that contained malware to compromise devices.
Among them were apps named HappyChat, HangOn, ChatOut, TrendBanter, SmartSnap, and TeleChat — some of which were in fact functioning chat applications, said Facebook.