• Sunday, Jul 03, 2022
  • Last Update : 04:24 pm

Facebook takes action against hackers in Bangladesh, Vietnam

  • Published at 01:11 pm December 11th, 2020

The Bangladesh-based group targeted local activists, journalists and religious minorities, including those living abroad

Social media giant Facebook said it has taken action against two separate groups of hackers -- an unnamed group based in Bangladesh and APT32 in Vietnam.

The authorities removed the hackers’ ability to use their infrastructure to abuse the platform, distribute malware and hack people’s accounts across the internet.

In an announcement on the company's website, Facebook Head of Security Policy Nathaniel Gleicher and Cyber Threat Intelligence Manager Mike Dvilyanski wrote about the decision on Thursday. 

The operation from Bangladesh focused on compromising accounts across platforms and coordinating reporting to get targeted accounts and pages removed from Facebook, whereas the operation from Vietnam focused primarily on spreading malware to its targets.

The Bangladesh-based group targeted local activists, journalists and religious minorities, including those living abroad, to compromise their accounts and have some of them disabled by Facebook for violating its community standards.

Facebook’s investigation linked this activity to two non-profit organizations in Bangladesh: Don’s Team, alias Defence of Nation, and the Crime Research and Analysis Foundation (CRAF). They appeared to be operating across a number of internet services.

Don’s Team and CRAF collaborated to report people on Facebook for fictitious violations of the social media network’s community standards, including alleged impersonation, intellectual-property infringements, nudity and terrorism, according to the announcement.

They also hacked people’s accounts and pages, and used some of these compromised accounts for their own operational purposes, including to amplify their content. On at least one occasion, after a page admin’s account was compromised, they removed the remaining admins to take over and disable the page.

Facebook’s investigation suggests that these targeted hacking attempts were likely carried out through a number of off-platform tactics including email and device compromise and abuse of its account recovery process.

To disrupt this activity, Facebook removed the accounts and pages behind this operation. They shared information about this group with their industry partners so they too can detect and stop this activity. 

They encouraged people to remain vigilant and take steps to protect their accounts, avoid clicking on suspicious links and downloading software from untrusted sources that can compromise their devices and information stored on them.


Meanwhile, APT32, an advanced persistent threat actor based in Vietnam, targeted -- Vietnamese human rights activists locally and abroad, various foreign governments including those in Laos and Cambodia, non-governmental organizations, news agencies and a number of businesses across information technology, hospitality, agriculture and commodities, hospitals, retail, the auto industry, and mobile services -- with malware. 

Facebook’s investigation linked this activity to CyberOne Group, an IT company in Vietnam.

As the social media giant’s industry partners have previously reported, APT32 has deployed a wide range of adversarial tactics across the internet.

Facebook has been tracking and taking action against this group for several years. Their most recent investigation analyzed a number of notable tactics, techniques and procedures (TTPs).

Facebook 50
blogger sharing button blogger
buffer sharing button buffer
diaspora sharing button diaspora
digg sharing button digg
douban sharing button douban
email sharing button email
evernote sharing button evernote
flipboard sharing button flipboard
pocket sharing button getpocket
github sharing button github
gmail sharing button gmail
googlebookmarks sharing button googlebookmarks
hackernews sharing button hackernews
instapaper sharing button instapaper
line sharing button line
linkedin sharing button linkedin
livejournal sharing button livejournal
mailru sharing button mailru
medium sharing button medium
meneame sharing button meneame
messenger sharing button messenger
odnoklassniki sharing button odnoklassniki
pinterest sharing button pinterest
print sharing button print
qzone sharing button qzone
reddit sharing button reddit
refind sharing button refind
renren sharing button renren
skype sharing button skype
snapchat sharing button snapchat
surfingbird sharing button surfingbird
telegram sharing button telegram
tumblr sharing button tumblr
twitter sharing button twitter
vk sharing button vk
wechat sharing button wechat
weibo sharing button weibo
whatsapp sharing button whatsapp
wordpress sharing button wordpress
xing sharing button xing
yahoomail sharing button yahoomail