Connect with us


Facebook disrupts Iranian hackers who targeted US military personnel and defense contractors



(CNN Business)Facebook said Thursday it has disrupted a group of Iranian hackers who created fake social media profiles and sent targeted, malicious links to victims in an attempt to spy on Western defense contractors and military personnel. The campaign has apparent links to the Iranian government.

The hackers ran a sophisticated operation to gain their victims’ trust, Facebook said, often posing as representatives of aerospace and defense firms to build deep relationships with their targets before directing them to fraudulent websites. Though the sites looked and acted like their legitimate counterparts — including a US Labor Department job site — they were designed to steal data and scan computer systems.

The group zeroed in on individuals who work in the US military and defense industry, and also targeted similar victims in the UK and Europe, Facebook said.

    Ransomware gang that hit meat supplier mysteriously vanishes from the internet

    Mike Dvilyanski, Facebook’s head of cyber espionage investigations, told CNN the company has disabled “fewer than 200 operational accounts” on its platform associated with the Iranian campaign, and notified a similar number of Facebook users that they may have been targeted by the group. The Iranian campaign extended beyond Facebook and also used other platforms and messaging technologies including email, Facebook said. However, it’s difficult to know how successful the espionage campaign may have been.

      Until now, the hacking group had been focused on regional targets in the Middle East, Facebook said. But the expansion to include Western targets reflects an evolution in the group’s behavior that began last year.

          “Our investigation found that this group invested significant time into their social engineering efforts across the internet, in some cases engaging with their targets for months,” Facebook said in a blog post.

          Facebook will not notify the 533 million users exposed in online database

          Once the hackers had gained entry into a target’s device, they shared more files such as fraudulent Microsoft Excel spreadsheets that contained hidden malicious software that could collect even more information, Facebook said. The malware showed signs of being highly customized — not an “off-the-shelf” product, said Dvilyanski — suggesting the hackers were well-supported. Further investigation showed that the malicious software had been designed by an Tehran-based software firm linked to Iran’s powerful Islamic Revolutionary Guard Corps, Facebook said.

          See also  How Facebook's Mark Zuckerberg Has Navigated an Already-Challenging Year

          On a conference call with reporters, Dvilyanski said Facebook’s cybersecurity group is “confident” about the connection between some of the malware used in the campaign and the IT firm, Mahak Rayan Afraz, and the link to the IRGC. A number of the IT firm’s current and former executives are also connected to other companies under US sanction, according to the Facebook blog post.

          “As far as I know, this is the first public attribution of the groups’ malware” to an entity linked to the Iranian government, Dvilyanski told reporters on a conference call.

          free widgets for website

            In addition to notifying its users who had been targeted by the campaign and disabling accounts belonging to the hackers, Facebook also blocked links on its platform to websites controlled by the group, it said.

            The so-called “phishing” tactics used by the Iranian hackers have been replicated on a wide scale in recent months, with reports of a Russian campaign sending fake emails posing as the US Agency for International Development. On Wednesday, Google said a separate, likely Russian-backed campaign involved fake LinkedIn messages being sent to victims in a bid to compromise iOS devices. Apple patched the flaw in March.

            Read More

            Continue Reading
            Advertisement free widgets for website
            Click to comment

            Leave a Reply

            Your email address will not be published.


            Introducing Facebook Graph API v18.0 and Marketing API v18.0





            Today, we are releasing Facebook Graph API v18.0 and Marketing API v18.0. As part of this release, we are highlighting changes below that we believe are relevant to parts of our developer community. These changes include announcements, product updates, and notifications on deprecations that we believe are relevant to your application(s)’ integration with our platform.

            For a complete list of all changes and their details, please visit our changelog.

            General Updates

            Consolidation of Audience Location Status Options for Location Targeting

            As previously announced in May 2023, we have consolidated Audience Location Status to our current default option of “People living in or recently in this location” when choosing the type of audience to reach within their Location Targeting selections. This update reflects a consolidation of other previously available options and removal of our “People traveling in this location” option.

            We are making this change as part of our ongoing efforts to deliver more value to businesses, simplify our ads system, and streamline our targeting options in order to increase performance efficiency and remove options that have low usage.

            This update will apply to new or duplicated campaigns. Existing campaigns created prior to launch will not be entered in this new experience unless they are in draft mode or duplicated.

            free widgets for website

            Add “add_security_recommendation” and “code_expiration_minutes” to WA Message Templates API

            Earlier this year, we released WhatsApp’s authentication solution which enabled creating and sending authentication templates with native buttons and preset authentication messages. With the release of Graph API v18, we’re making improvements to the retrieval of authentication templates, making the end-to-end authentication template process easier for BSPs and businesses.

            With Graph API v18, BSPs and businesses can have better visibility into preset authentication message template content after creation. Specifically, payloads will return preset content configuration options, in addition to the text used by WhatsApp. This improvement can enable BSPs and businesses to build “edit” UIs for authentication templates that can be constructed on top of the API.

            See also  New report slams Facebook, Instagram and Twitter as 'safe space for racists'

            Note that errors may occur when upgrading to Graph API v18 if BSPs or businesses are taking the entire response from the GET request and providing it back to the POST request to update templates. To resolve, the body/header/footer text fields should be dropped before passing back into the API.

            Re-launching dev docs and changelogs for creating Call Ads

            • Facebook Reels Placement for Call Ads

              Meta is releasing the ability to deliver Call Ads through the Facebook Reels platform. Call ads allow users to call businesses in the moment of consideration when they view an ad, and help businesses drive more complex discussions with interested users. This is an opportunity for businesses to advertise with call ads based on peoples’ real-time behavior on Facebook. Under the Ad set Level within Ads Manager, businesses can choose to add “Facebook Reels” Under the Placements section.
            • Re-Launching Call Ads via API

              On September 12, 2023, we’re providing updated guidance on how to create Call Ads via the API. We are introducing documentation solely for Call Ads, so that 3P developers can more easily create Call Ads’ campaigns and know how to view insights about their ongoing call ad campaigns, including call-related metrics. In the future, we also plan to support Call Add-ons via our API platform. Developers should have access to the general permissions necessary to create general ads in order to create Call Ads via the API platform.

              Please refer to developer documentation for additional information.

            Deprecations & Breaking Changes

            Graph API changes for user granular permission feature

            We are updating two graph API endpoints for WhatsAppBusinessAccount. These endpoints are as follows:

            • Retrieve message templates associated with WhatsAppBusiness Account
            • Retrieve phone numbers associated with WhatsAppBusiness Account

            With v18, we are rolling out a new feature “user granular permission”. All existing users who are already added to WhatsAppBusinessAccount will be backfilled and will continue to have access (no impact).

            The admin has the flexibility to change these permissions. If the admin changes the permission and removes access to view message templates or phone numbers for one of their users, that specific user will start getting an error message saying you do not have permission to view message templates or phone numbers on all versions v18 and older.

            free widgets for website

            Deprecate legacy metrics naming for IG Media and User Insights

            Starting on September 12, Instagram will remove duplicative and legacy, insights metrics from the Instagram Graph API in order to share a single source of metrics to our developers.

            This new upgrade reduces any confusion as well as increases the reliability and quality of our reporting.

            After 90 days of this launch (i.e. December 11, 2023), we will remove all these duplicative and legacy insights metrics from the Instagram Graph API on all versions in order to be more consistent with the Instagram app.

            We appreciate all the feedback that we’ve received from our developer community, and look forward to continuing to work together.

            Please review the media insights and user insights developer documentation to learn more.

            free widgets for website

            Deprecate all Facebook Wi-Fi v1 and Facebook Wi-Fi v2 endpoints

            Facebook Wi-Fi was designed to improve the experience of connecting to Wi-Fi hotspots at businesses. It allowed a merchant’s customers to get free Wi-Fi simply by checking in on Facebook. It also allowed merchants to control who could use their Wi-Fi and for how long, and integrated with ads to enable targeting to customers who had used the merchant’s Wi-Fi. This product was deprecated on June 12, 2023. As the partner notice period has ended, all endpoints used by Facebook Wi-Fi v1 and Facebook Wi-Fi v2 have been deprecated and removed.

            API Version Deprecations:

            As part of Facebook’s versioning schedule for Graph API and Marketing API, please note the upcoming deprecations:

            Graph API

            • September 14, 2023: Graph API v11.0 will be deprecated and removed from the platform
            • February 8, 2024: Graph API v12.0 will be deprecated and removed from the platform
            • May 28, 2024: Graph API v13.0 will be deprecated and removed from the platform

            Marketing API

            • September 20, 2023: Marketing API v14.0 will be deprecated and removed from the platform
            • September 20, 2023: Marketing API v15.0 will be deprecated and removed from the platform
            • February 06, 2024: Marketing API v16.0 will be deprecated and removed from the platform

            To avoid disruption to your business, we recommend migrating all calls to the latest API version that launched today.

            Facebook Platform SDK

            As part of our 2-year deprecation schedule for Platform SDKs, please note the upcoming deprecations and sunsets:

            • October 2023: Facebook Platform SDK v11.0 or below will be sunset
            • February 2024: Facebook Platform SDK v12.0 or below will be sunset

            First seen at

            See also  Why you can't write for Bulletin, Facebook's new Substack clone
            Continue Reading


            Allowing Users to Promote Stories as Ads (via Marketing API)





            Before today (August 28, 2023), advertisers could not promote images and/or videos used in Instagram Stories as ads via the Instagram Marketing API. This process created unwanted friction for our partners and their customers.

            After consistently hearing about this pain point from our developer community, we have removed this unwanted friction for advertisers and now allow users to seamlessly promote their image and/or video media used in Instagram Stories as ads via the Instagram Marketing API as of August 28, 2023.

            We appreciate all the feedback received from our developer community, and hope to continue improving your experience.

            Please review the developer documentation to learn more.

            First seen at

            free widgets for website
            See also  'Misleading' Facebook data leak claims questioned
            Continue Reading


            Launching second release of Facebook Reels API: An enterprise solution for desktop and web publishers





            We’re excited to announce that the second release of FB Reels API is now publicly available for third-party developers. FB Reels API enables users of third-party platforms to share Reels directly to public Facebook Pages and the New Pages Experience.

            FB Reels API has grown significantly since the first release in September 2022. The new version of the APIs now support custom thumbnails, automatic music tagging, tagging collaborators, longer format of reels and better error handling.

            FB Reels API will also support scheduling and draft capability to allow creators to take advantage of tools provided either by Meta or by our partners. Based on the feedback we received from our partners, we’ll now provide additional audio insights via the Audio Recommendations API and reels performance metrics via the Insights API.

            Our goal in the next couple of releases is to continue to make it easier for creators to develop quality content by adding features like early copyright detection and A/B testing. We’re also excited to start working on enhanced creation features like Video clipping- so stay tuned to hear more about those features in the future.


            If you are a developer interested in integrating with the Facebook Reels API, please refer to the Developer Documents for more info.

            free widgets for website

            Not sure if this product is for you? Check out our entire suite of sharing offerings.

            Tune in to Product @scale event to learn more about FB Video APIs and hear from some of our customers.

            First seen at

            See also  Like I Was Sayin': Facebook data reveals users' preferences, company's agenda - Daily Republic
            Continue Reading