• Tech News
    • Games
    • Pc & Laptop
    • Mobile Tech
    • Ar & Vr
    • Security
  • Startup
    • Fintech
  • Reviews
  • How To
What's Hot

Elementor #32036

January 24, 2025

The Redmi Note 13 is a bigger downgrade compared to the 5G model than you might think

April 18, 2024

Xiaomi Redmi Watch 4 is a budget smartwatch with a premium look and feel

April 16, 2024
Facebook Twitter Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram Pinterest VKontakte
Behind The ScreenBehind The Screen
  • Tech News
    1. Games
    2. Pc & Laptop
    3. Mobile Tech
    4. Ar & Vr
    5. Security
    6. View All

    Bring Elden Ring to the table with the upcoming board game adaptation

    September 19, 2022

    ONI: Road to be the Mightiest Oni reveals its opening movie

    September 19, 2022

    GTA 6 images and footage allegedly leak

    September 19, 2022

    Wild west adventure Card Cowboy turns cards into weird and silly stories

    September 18, 2022

    7 Reasons Why You Should Study PHP Programming Language

    October 19, 2022

    Logitech MX Master 3S and MX Keys Combo for Business Gen 2 Review

    October 9, 2022

    Lenovo ThinkPad X1 Carbon Gen10 Review

    September 18, 2022

    Lenovo IdeaPad 5i Chromebook, 16-inch+120Hz

    September 3, 2022

    It’s 2023 and Spotify Still Can’t Say When AirPlay 2 Support Will Arrive

    April 4, 2023

    YouTube adds very convenient iPhone homescreen widgets

    October 15, 2022

    Google finishes iOS 16 Lock Screen widgets rollout w/ Maps

    October 14, 2022

    Is Apple actually turning iMessage into AIM or is this sketchy redesign rumor for laughs?

    October 14, 2022

    MeetKai launches AI-powered metaverse, starting with a billboard in Times Square

    August 10, 2022

    The DeanBeat: RP1 simulates putting 4,000 people together in a single metaverse plaza

    August 10, 2022

    Improving the customer experience with virtual and augmented reality

    August 10, 2022

    Why the metaverse won’t fall to Clubhouse’s fate

    August 10, 2022

    How Apple privacy changes have forced social media marketing to evolve

    October 16, 2022

    Microsoft Patch Tuesday October Fixed 85 Vulnerabilities – Latest Hacking News

    October 16, 2022

    Decentralization and KYC compliance: Critical concepts in sovereign policy

    October 15, 2022

    What Thoma Bravo’s latest acquisition reveals about identity management

    October 14, 2022

    What is a Service Robot? The vision of an intelligent service application is possible.

    November 7, 2022

    Tom Brady just chucked another Microsoft Surface tablet

    September 18, 2022

    The best AIO coolers for your PC in 2022

    September 18, 2022

    YC’s Michael Seibel clarifies some misconceptions about the accelerator • DailyTech

    September 18, 2022
  • Startup
    • Fintech
  • Reviews
  • How To
Behind The ScreenBehind The Screen
Home»Startup»A Sprawling Bot Network Used Fake Porn to Fool Facebook
Startup

A Sprawling Bot Network Used Fake Porn to Fool Facebook

September 26, 2022No Comments3 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
A Sprawling Bot Network Used Fake Porn to Fool Facebook
Share
Facebook Twitter LinkedIn Pinterest Email

In November 2021, Tord Lundström, the technical director at Swedish digital forensics nonprofit Qurium Media, noticed something strange. A massive distributed denial of service (DDoS) attack was targeting Bulatlat, an alternative Phillippine media outlet hosted by the nonprofit. And it was coming from Facebook users.

Lundström and his team found that the attack was just the start of it. Bulatlat had become the target of a sophisticated Vietnamese troll farm that had captured the credentials of thousands of Facebook accounts and turned them into malicious bots to target the credentials of yet more accounts to swell its numbers.

The volume of this attack was staggering even for Bulatlat, which has long been the target of censorship and major cyberattacks. The team at Qurium was blocking up to 60,000 IP addresses a day from accessing Bulatlat’s website. “We didn’t know where it was coming from, why people were going to these specific parts of the Bulatlat website,” says Lundström.

When they traced the attack, things got weirder still. Lundström and his team found that requests for pages on Bulatlat’s website were actually coming from Facebook links disguised to look like links to pornography. These scam links captured the credentials of the Facebook users and redirected the traffic to Bulatlat, essentially executing a phishing attack and a DDoS attack at the same time. From there, the compromised accounts were automated to spam their networks with more of the same fake porn links, which in turn sent more and more users careering toward Bulatlat’s website.

Though Facebook parent company Meta has systems in place to detect phishing scams and problematic links, Qurium found that the attackers were using a “bouncing domain.” This meant that if Meta’s detection system were to test the domain, it would link out to a legitimate website, but if a regular user clicked on the link, they would be redirected to the phishing site.

See also  10K Fb Group admins sued for pretend Amazon assessment scams

After months of investigation, Qurium was able to identify a Vietnamese company called Mac Quan Inc. that had registered some of the domain names for the phishing sites. Qurium estimates that the Vietnamese group had captured the credentials of upwards of 500,000 Facebook users from more than 30 countries using some 100 different domain names. It’s thought that over 1 million accounts have been targeted by the bot network.

To further circumvent Meta’s detection systems, the attackers used “residential proxies,” routing traffic through an intermediary based in the same country as the stolen Facebook account—normally a local cell phone—to make it appear as though the login was coming from a local IP address. “Anyone from anywhere in the world can then access these accounts and use them for whatever they want,” says Lundström.

A Facebook page for “Mac Quan IT” states that its owner is an engineer at the domain company Namecheap.com and includes a post from May 30, 2021, where it advertised likes and followers for sale: 10,000 yen ($70) for 350 likes and 20,000 yen for 1,000 followers. Startup contacted the email attached to the Facebook page for comment but did not receive a response. Qurium further traced the domain name to an email registered to a person called Mien Trung Vinh.

Source link

bot Facebook Fake Fool network porn Sprawling
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Multiple Milestones As New Majority Capital Boosts Entrepreneurship Through Acquisition

September 26, 2023

Getty Images Plunges Into the Generative AI Pool

September 26, 2023

3 Hot Startup Opportunities In Augmented Reality

September 26, 2023

The ChatGPT App Can Now Talk to You—and Look Into Your Life

September 25, 2023
Add A Comment

Comments are closed.

Editors Picks

How crypto tokens became as unsafe as payment cards once used to be

August 5, 2022

Elon Musk says whistleblower’s testimony gives him more reasons to dump Twitter deal

August 30, 2022

Best Nintendo Switch cases for 2022

August 23, 2022

CISA chief requires steady world collaborations to fight cyberthreats

July 22, 2022

Subscribe to Updates

Get the latest news and Updates from Behind The Scene about Tech, Startup and more.

Top Post

Elementor #32036

The Redmi Note 13 is a bigger downgrade compared to the 5G model than you might think

Xiaomi Redmi Watch 4 is a budget smartwatch with a premium look and feel

Behind The Screen
Facebook Twitter Instagram Pinterest Vimeo YouTube
  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2025 behindthescreen.uk - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.