Check Point researchers have uncovered a years-long, “large-scale” cyber campaign in which threat actors used Facebook in order to distribute Remote Access Trojans (RATs). The campaign was active since at least 2014 and targeted tens of thousands of users from Libya, Europe, the United States and China.
The latest incarnation of the campaign centered on a malicious Facebook page impersonating Libyan military commander Khalifa Haftar. The page contained posts with content relating to the political turmoil in Libya as well as malicious links. Users that interacted with a link would have their system infected with malware.
Read more: Facebook abused to spread Remote Access Trojans since 2014
