• Tech News
    • Games
    • Pc & Laptop
    • Mobile Tech
    • Ar & Vr
    • Security
  • Startup
    • Fintech
  • Reviews
  • How To
What's Hot

Huawei FreeBuds 5i review

March 21, 2023

Meta Is Being Sued in Kenya, Again

March 21, 2023

SVB Is A Story Of Digital Herds In Need Of A Shepherd

March 21, 2023
Facebook Twitter Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram Pinterest VKontakte
Behind The ScreenBehind The Screen
  • Tech News
    1. Games
    2. Pc & Laptop
    3. Mobile Tech
    4. Ar & Vr
    5. Security
    6. View All

    Bring Elden Ring to the table with the upcoming board game adaptation

    September 19, 2022

    ONI: Road to be the Mightiest Oni reveals its opening movie

    September 19, 2022

    GTA 6 images and footage allegedly leak

    September 19, 2022

    Wild west adventure Card Cowboy turns cards into weird and silly stories

    September 18, 2022

    7 Reasons Why You Should Study PHP Programming Language

    October 19, 2022

    Logitech MX Master 3S and MX Keys Combo for Business Gen 2 Review

    October 9, 2022

    Lenovo ThinkPad X1 Carbon Gen10 Review

    September 18, 2022

    Lenovo IdeaPad 5i Chromebook, 16-inch+120Hz

    September 3, 2022

    YouTube adds very convenient iPhone homescreen widgets

    October 15, 2022

    Google finishes iOS 16 Lock Screen widgets rollout w/ Maps

    October 14, 2022

    Is Apple actually turning iMessage into AIM or is this sketchy redesign rumor for laughs?

    October 14, 2022

    Samsung’s One UI 5 update is largely about personalization

    October 14, 2022

    MeetKai launches AI-powered metaverse, starting with a billboard in Times Square

    August 10, 2022

    The DeanBeat: RP1 simulates putting 4,000 people together in a single metaverse plaza

    August 10, 2022

    Improving the customer experience with virtual and augmented reality

    August 10, 2022

    Why the metaverse won’t fall to Clubhouse’s fate

    August 10, 2022

    How Apple privacy changes have forced social media marketing to evolve

    October 16, 2022

    Microsoft Patch Tuesday October Fixed 85 Vulnerabilities – Latest Hacking News

    October 16, 2022

    Decentralization and KYC compliance: Critical concepts in sovereign policy

    October 15, 2022

    What Thoma Bravo’s latest acquisition reveals about identity management

    October 14, 2022

    What is a Service Robot? The vision of an intelligent service application is possible.

    November 7, 2022

    Tom Brady just chucked another Microsoft Surface tablet

    September 18, 2022

    The best AIO coolers for your PC in 2022

    September 18, 2022

    YC’s Michael Seibel clarifies some misconceptions about the accelerator • DailyTech

    September 18, 2022
  • Startup
    • Fintech
  • Reviews
  • How To
Behind The ScreenBehind The Screen
Home»Startup»A Sprawling Bot Network Used Fake Porn to Fool Facebook
Startup

A Sprawling Bot Network Used Fake Porn to Fool Facebook

September 26, 2022No Comments3 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
A Sprawling Bot Network Used Fake Porn to Fool Facebook
Share
Facebook Twitter LinkedIn Pinterest Email

In November 2021, Tord Lundström, the technical director at Swedish digital forensics nonprofit Qurium Media, noticed something strange. A massive distributed denial of service (DDoS) attack was targeting Bulatlat, an alternative Phillippine media outlet hosted by the nonprofit. And it was coming from Facebook users.

Lundström and his team found that the attack was just the start of it. Bulatlat had become the target of a sophisticated Vietnamese troll farm that had captured the credentials of thousands of Facebook accounts and turned them into malicious bots to target the credentials of yet more accounts to swell its numbers.

The volume of this attack was staggering even for Bulatlat, which has long been the target of censorship and major cyberattacks. The team at Qurium was blocking up to 60,000 IP addresses a day from accessing Bulatlat’s website. “We didn’t know where it was coming from, why people were going to these specific parts of the Bulatlat website,” says Lundström.

When they traced the attack, things got weirder still. Lundström and his team found that requests for pages on Bulatlat’s website were actually coming from Facebook links disguised to look like links to pornography. These scam links captured the credentials of the Facebook users and redirected the traffic to Bulatlat, essentially executing a phishing attack and a DDoS attack at the same time. From there, the compromised accounts were automated to spam their networks with more of the same fake porn links, which in turn sent more and more users careering toward Bulatlat’s website.

Though Facebook parent company Meta has systems in place to detect phishing scams and problematic links, Qurium found that the attackers were using a “bouncing domain.” This meant that if Meta’s detection system were to test the domain, it would link out to a legitimate website, but if a regular user clicked on the link, they would be redirected to the phishing site.

See also  New Erbium Malware (Infostealer) Spreads Via Fake Game Cheats

After months of investigation, Qurium was able to identify a Vietnamese company called Mac Quan Inc. that had registered some of the domain names for the phishing sites. Qurium estimates that the Vietnamese group had captured the credentials of upwards of 500,000 Facebook users from more than 30 countries using some 100 different domain names. It’s thought that over 1 million accounts have been targeted by the bot network.

To further circumvent Meta’s detection systems, the attackers used “residential proxies,” routing traffic through an intermediary based in the same country as the stolen Facebook account—normally a local cell phone—to make it appear as though the login was coming from a local IP address. “Anyone from anywhere in the world can then access these accounts and use them for whatever they want,” says Lundström.

A Facebook page for “Mac Quan IT” states that its owner is an engineer at the domain company Namecheap.com and includes a post from May 30, 2021, where it advertised likes and followers for sale: 10,000 yen ($70) for 350 likes and 20,000 yen for 1,000 followers. Startup contacted the email attached to the Facebook page for comment but did not receive a response. Qurium further traced the domain name to an email registered to a person called Mien Trung Vinh.

Source link

bot Facebook Fake Fool network porn Sprawling
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Meta Is Being Sued in Kenya, Again

March 21, 2023

SVB Is A Story Of Digital Herds In Need Of A Shepherd

March 21, 2023

Senators Warn the Next US Bank Run Could Be Rigged

March 20, 2023

Eight Ways Entrepreneurs Can Leverage Technology To Get Control Of Their Time

March 20, 2023
Add A Comment

Comments are closed.

Editors Picks

Indie Bundle For Abortion Funds is also raising money with 700+ games

July 5, 2022

‘Framed’ answer today September 5 – Movies Hints And Clues

September 5, 2022

Viral phrase recreation Wordle is being became a board recreation

July 17, 2022

The Last of Us Part I review – A PS5 remake that shines above most

September 1, 2022

Subscribe to Updates

Get the latest news and Updates from Behind The Scene about Tech, Startup and more.

Top Post

Huawei FreeBuds 5i review

Meta Is Being Sued in Kenya, Again

SVB Is A Story Of Digital Herds In Need Of A Shepherd

Behind The Screen
Facebook Twitter Instagram Pinterest Vimeo YouTube
  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2023 behindthescreen.uk - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.