Facebook announced that it succeeded in stopping malicious operations carried out by two groups of Palestinian hackers, including one connected to the Palestinian Preventive Security Service, deleted their accounts and blocked domains connected to their activities.
According to the statement, the group connected to the Preventive Security Service focused mainly on communities in the Palestinian Authority and Syria, and to a lesser extent, users in Turkey, Iraq, Lebanon and Libya, leveraging social engineering to make them click on malicious links that installed malware.
The main targets were journalists, opponents of Fatah, human rights activists and military groups such as the Syrian opposition and the Iraqi army. The group set up fictitious personas posing primarily as young women, and also as supporters of Hamas, Fatah, various military groups and others, each profile with a specific target. Some of the profiles were intended to make users install malware immediately, while other targets, apparently, were for building a group of followers for long-term activity.
The second group of hackers called Arid Viper targeted Palestinian officials and politicians who support Fatah, as well as students and members of the security forces. Facebook reported that the group used an extensive infrastructure to carry out phishing attempts to steal security permits and install malware. Unlike the other group, the Arid Viper hacker group was known to Facebook but according to the company, there was a tactical change in the technology used by the group, compared to previous attempted attacks.
"The groups behind these operations are persistent adversaries, and we know they will evolve their tactics in response to our enforcement. However, we keep improving our detection systems and collaborating with other teams in the security community to continue making it harder for these threat actors to remain undetected," Facebook said.