Facebook has released information on an ad-fraud cyberattack that has been occurring since 2016. Facebook claims that the cyber attackers stole credentials and browser cookies as part of the attack, which was conducted using Chinese malware. According to the social media platform, the threat actors siphoned a total of $4 million from users’ advertising accounts. The campaign has been named SilentFade and was first discovered in December of 2018 when suspicious traffic was observed across several Facebook endpoints.
Facebook has now extensively investigated the campaign, shutting it down and pursuing legal action. The Chinese malware deployed by threat actors in the campaign was able to compromise Facebook accounts and use them to promote malicious ads as well as steal browser cookies and credentials. Facebook security teams described the techniques used to compromise accounts in an analysis released last week.
Read More: Years-Long ‘SilentFade’ Attack Drained Facebook Victims of $4M