The cybersecurity company Check Point has discovered a new campaign to spread 'malware' through the social networkFacebookthat have infectedthousands of netizensthrough at least 30 fake pages with which they supplanted the identity of people like the commander of the Libyan army, Khalifa Haftar.
The activity of cybercrimegoes back at least to the year 2014, according to Check Point in a statement, and focuses especially on pages in which information was distributed about the Libyan conflict in the cities of Tripoli and Benghazi.
Through 30 pages as one that was posing as Haftar and thathe had 11,000 followers on Facebook, the attackers sent URLs to download files that simulated leaks from Libyan intelligence units. However, instead of the promised content, they downloaded malicious files for Windows and Android environments.
The attacker was able to compromise the security of other websites such as Libyana, one of the most important mobile operators in Libya. Its website contained a RAR file in 2014, which was advertised as a gift package, but in realitycontained a malicious .NET executable.
The cybercriminal had created another profile where he shared sensitive information about his victims, which included official documents of the Libyan government, emails, telephone numbers of army officers and even photographs of some passports.
The researchers ofCheck Pointhave warned that the attacker for years has been taking advantage of Facebook to infect thousands of victims in Libya, Europe, the United States and Canada. Also, the company has already shared this information with Facebook to close the pages that distributed 'malware'.