Meta removes 40 accounts of India’s CyberRoot Risk Advisory for phishing
Social media Meta has taken down over 40 accounts operated by Indian firm CyberRoot Risk Advisory for phishing. The accounts were allegedly involved in hacking-for-hire services, Meta said in a report. The tech giant has also taken down a network of about 900 fake accounts on Instagram and Facebook operated from China by an unknown entity.
These accounts were focused on collecting data of people in Myanmar, India, Taiwan, the US and China, including military personnel, pro-democracy activists, government employees, politicians and journalists, according to the company’s Threat Report on the Surveillance-for-Hire Industry released on December 15.
“We removed a network of more than 40 accounts on Facebook and Instagram operated by an Indian firm called CyberRoot Risk Advisory Private. Rather than directly sharing malware on our apps, this group’s activity manifested primarily in social engineering and phishing, often intended to trick people into giving up their credentials to various online accounts across the internet,” the report said.
According to Meta, CyberRoot used fake accounts to create fictitious personas tailored to gain trust with the people they targeted around the world and to appear more credible, these personas impersonated journalists, business executives and media personalities.
In some cases, CyberRoot also created accounts that were very identical to accounts connected to their targets like their friends and family members, with only slightly changed usernames, likely in an attempt to trick people into engaging, the report said.
Meta said it found CyberRoot targeted people around the world involved in various industries, including cosmetic surgery and law firms in Australia, real estate and investment companies in Russia, private equity firms and pharmaceutical companies in the US, environmental and anti-corruption activists in Angola, gambling entities in the UK, and mining companies in New Zealand.
“They were focused on business executives, lawyers, doctors, activists, journalists and members of the clergy in countries like Kazakhstan, Djibouti, Saudi Arabia, South Africa and Iceland,” the report said.
Meta said it continues to investigate and take action against spyware vendors around the world, including in China, Russia, Israel, the US and India, who targeted people in about 200 countries and territories.
The social media firm in its research has found that the global surveillance-for-hire industry continues to grow and indiscriminately target people including journalists, activists, litigants and political opposition to collect intelligence, manipulate and compromise their devices and accounts across the internet.