The Facebook security team have revealed more information about one of the most advanced malware attacks on the social media site at the Virus Bulletin 2020 security conference yesterday.
The malware gang, known as SilentFade are based in China and were active between late 2018 and February 2019, when Facebook put an end to their attacks. Despite their intervention, the gang still managed to defraud users of over $4 million.
The group used a combination of Windows trojans, browser injections, clever scripting and a bug on the platform to gain user’s information. The purpose of SilentFades attack was to infect the users with the trojan, hijack their browser and steal their passwords and cookies so they could access their Facebook accounts. Once they gained access, they would use any bank account information linked to their profiles to buy Facebook ads.