Facebook said it has disrupted a network of hackers tied to Iran who were attempting to distribute malware via malicious links shared under fake personas. The social network’s cyber espionage investigations team has taken action against the group, disabled their accounts and notified the roughly 200 users who were targeted.
The hackers — believed to be part of the Tortoiseshell group — were targeting military personnel and people who worked in the aerospace and defense industries in the United States, often spending months on social engineering efforts with the goal of directing targets to attacker-controlled domains where their devices could be infected with espionage enabling malware.
On Facebook, roughly 200 accounts associated with the hacking campaign were blocked and taken down.