Hackers have apparently abused Facebook to attack the accounts of some Ukrainian personalities – including prominent politicians, military officers and a journalist. The U.S. company has also deleted some 40 accounts, pages and groups that would have deliberately spread misinformation.
Facebook parent company Meta announced on Monday, February 28, 2022, that the company has deleted around 40 fake accounts, pages and groups. According to the statement, the accounts, which were apparently operated from Russia and Ukraine, had attracted increased attention for policy violations and targeted unnatural behavior.
In an official blog post, Meta said that it had stopped the alleged coordinated operation and blocked the relevant domains for its own platforms. In addition, the company has informed other networks and governments about the action.
A Twitter official told Reuters news agency that the group had in turn suspended dozens of accounts and blocked the sharing of several links. Again, there would have been policy violations. Everything also points to the fact that the accounts originate from Russia and want to disrupt the public discourse around the war in Ukraine.
Fake accounts posed as news editors
According to Meta, the identified network used fake accounts to suggest fictitious people and brands across the board. This affected Instagram, Twitter, YouTube, Telegram and other networks in addition to Facebook, it said. The fictitious accounts had also apparently used artificial intelligence (AI) to generate realistic profile pictures.
They also reportedly suggested that they were based in Ukraine and posed as independent news editors, aviation engineers and scientists. The goal was reportedly to portray the Ukrainian army as weakened and Ukraine itself as a failed state.
Meanwhile, Meta’s internal investigation is still ongoing. However, the U.S. group said it could already identify some links to accounts and operations that had deliberately spread false information about the Donbass region and Crimea a few months ago.
Ghostwriter hacker group gains access to accounts of Ukrainian politicians
Meta also said that in recent days it had observed increased hacking attacks on the accounts of several Ukrainian politicians and military representatives. The U.S. company suspects that a group called Ghostwriter is behind the attacks.
According to the report, the hackers had attempted to distribute YouTube videos from the hijacked accounts, which in turn were intended to portray Ukrainian troops as weakened and close to surrender. As a countermeasure, Meta had secured accounts believed to have been the target of a hack attack.
The company would have also blocked the phishing domains that the attackers were using to take control of the accounts to prevent further abuse. The company did not name the affected accounts, but announced that it had warned users as much as possible.
Russia rejects independent fact-checking
Already last Friday, Feb. 26, 2022, Facebook and Twitter announced plans to restrict ads in Russia. Russia responded in a first step by almost completely blocking Twitter in its own country.
As Reuters reports, the Kremlin announced only a short time later that they also wanted to partially restrict Facebook. Parent company Meta now said the move came after the Russian government rejected an independent fact-check by several Russian state media outlets.
Protect social media accounts from hackers
To prevent potential abuse, Meta recommends that people in Russia and Ukraine increase the security of their social media accounts. The company advises caution when accepting friend requests and opening links and files.
As a general rule, users should also use different passwords for different services to prevent hackers from gaining unauthorized access to data. The company also recommends activating two-factor authentication.
Last week, Meta had already introduced additional data protection and security measures in Ukraine. In response to current events, the group now wants to add these in Russia as well, it said.
