Facebook Says Ukraine Military Accounts Were Hacked To Post Calls For Surrender

An anonymous reader quotes a report from Ars Technica: Facebook today reported an increase in attacks on accounts run by Ukraine military personnel. In some cases, attackers took over accounts and posted "videos calling on the Army to surrender," but Facebook said it blocked sharing of the videos. Specifically, Facebook owner Meta's Q1 2022 Adversarial Threat Report said it has "seen a further spike in compromise attempts aimed at members of the Ukrainian military by Ghostwriter," a hacking campaign that "typically targets people through email compromise and then uses that to gain access to their social media accounts across the Internet." Ghostwriter has been linked to the Belarusian government. "Since our last public update [on February 27], this group has attempted to hack into the Facebook accounts of dozens of Ukrainian military personnel," Meta wrote today. Ghostwriter successfully hacked into the accounts in "a handful of cases" in which "they posted videos calling on the Army to surrender as if these posts were coming from the legitimate account owners. We blocked these videos from being shared." In its February 27 update, Meta said it detected Ghostwriter's "attempts to target people on Facebook to post YouTube videos portraying Ukrainian troops as weak and surrendering to Russia, including one video claiming to show Ukrainian soldiers coming out of a forest while flying a white flag of surrender." Meta said it had "taken steps to secure accounts that we believe were targeted by this threat actor" and "blocked phishing domains these hackers used to try to trick people in Ukraine into compromising their online accounts." But Ghostwriter continued its operations and hacked into accounts of Ukrainian military personnel, as previously mentioned. Separately, Facebook recently removed a network of Russian accounts that were trying to silence Ukrainians by reporting "fictitious policy violations." "Under our Inauthentic Behavior policy against mass reporting, we removed a network in Russia for abusing our reporting tools to repeatedly report people in Ukraine and in Russia for fictitious policy violations of Facebook policies in an attempt to silence them," Meta said today. Providing more detail in its quarterly report, Meta said the removed network included 200 accounts operated from Russia. "The individuals behind it coordinated to falsely report people for various violations, including hate speech, bullying, and inauthenticity, in an attempt to have them and their posts removed from Facebook. The majority of these fictitious reports focused on people in Ukraine and Russia, but the network also reported users in Israel, the United States, and Poland," the report said.

Read more of this story at Slashdot.