How the thriving fraud industry within Facebook attacks independent media

Experts investigate how stolen Facebook accounts are used as part of a well-established fraud industry inside Facebook.

No eyebrows were raised in Quriums security operation center when the independent Philippine media outlet Bulatlat once again got DDoSed, as they are a frequent target of such digital attacks. However, when we noticed that the attack traffic came from valid users in Vietnam, we started to smell a rat…

During more than six months, Qurium (via Bulatlat) has been receiving malicious traffic from close to one million Facebook users, where access to thousands of these accounts have been compromised. The stolen accounts are systematically abused to increase Likes and Followers on demand as part of a well established fraud industry inside Facebook.

This report is the result of a six months’ long investigation that started to back trace a DDoS attack, but ended up finding and uncovering a large network of Vietnamese fraudsters using Facebook infrastructure and residential proxies to build and control a large farm of Facebook bots, that are used to monetize on Facebook services and carry out malicious activities.

Further technical details are included in the Qurium forensics report:
The tip of the iceberg – The algorithm fraud industry

About the author: Qurium Media Foundation is a Swedish non-profit digital security solutions provider, supporting independent media and human rights organizations in repressive regimes. Learn more at qurium.org or Twitter.

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, fraud)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.