Identity, Threat Intelligence

Malvertising campaigns take aim at Meta business accounts

Big meta fine

Meta business accounts are being hijacked in attacks using fake browser extensions as part of separate malvertising campaigns, according to The Hacker News.

Nearly 40 illicit ads with a video tutorial have been leveraged to facilitate the deployment of a fraudulent Meta Verified browser extension "SocialMetricsPro", which enabled the exfiltration of Facebook session cookies and users' IP addresses, a report from Bitdefender showed.

Pilfered cookies have been leveraged by other variants of the extension alongside Facebook Graph API for further information gathering activities aimed at driving a continuous malvertising campaign cycle.

Another analysis from Cybereason showed that fake artificial intelligence-powered ad optimization websites have also been used to distribute nefarious Meta advertising extensions, which allow total access to websites visited by the compromised user.

"This staged approach reveals a clear threat-actor strategy: first capturing Google identity data, then pivoting to Facebook to broaden access and increase the chances of hijacking valuable business or advertising assets," said Cybereason researchers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds