A new security report from Meta, the parent company of Facebook, revealed that a Belarus-aligned hacking group has compromised the Facebook accounts of Ukrainian military personnel and posted fake messages and videos calling on the Ukrainian army to surrender.
Meta Confirms Military Personnel Was Hacked
The hacking campaign, previously called "Ghostwriter" by security researchers, was carried out by a group named UNC1151, which has been connected to the Belarusian government in research conducted by Mandiant, according to The Verge.
In early 2022, a security update from Meta flagged activity from the Ghostwrite operation. Since the update, the company said that the group had attempted to compromise several accounts, even though it had only been successful in a handful of cases.
Where successful, the hackers behind Ghostwriter had been able to post videos from the compromised Facebook accounts, but Meta said that it had blocked the videos from being shared on the platform.
Also Read: Microsoft: North Korean and Russian Hackers Successfully Attacked Coronavirus Vaccine Makers
The spreading of fake surrender messages has already been a tactic of hackers who compromised television networks in Ukraine and planted fake reports of a Ukrainian surrender into the chyrons of broadcast news.
Though the statements can be disproved, experts have suggested that their purpose is to erode the trust of Ukrainians in the media, according to CBS News.
Ghostwriter Hacks Spreading Fake Messages
The details of the latest Ghostwriter hacks were published in the first installment of Meta's Adversarial Threat Report, an offering from the company that creates the same report from December 2021 that detailed threats faced throughout 2021.
While Meta has published regular reports in the past on coordinated inauthentic behavior on the social media platform, the scope of the new threat report is wider. The report also encompasses espionage operations and other emerging threats like mass content reporting campaigns.
Aside from the hacks against the military personnel, the latest report also details a range of other actions conducted by pro-Russian threat actors, including covert influence campaigns against numerous Ukrainian targets.
In one case from the report, the company alleges that a group connected to the Belarusian KGB attempted to organize a protest event against the Polish government in Warsaw, even though the event and the account that created it were taken offline.
Even though foreign influence operations like these make up some of the most notable details of the threat report, Meta said it has also seen an increase in influence campaigns conducted by local governments against their own citizens.
On Apr. 6, Facebook's president of global affairs, Nick Clegg, said that the attacks on internet freedom had intensified, according to The New York Times.
According to Clegg, while much of the public attention in recent years has been focused on foreign interference, domestic threats are on the rise globally.
Just as in 2021, more than half the operations that the company disrupted in the first three months of 2022 targeted people in their own countries, including by hacking people's accounts, running deceptive campaigns, and falsely reporting content to Facebook to silence critics.
Clegg said that authoritarian regimes looked to control access to information in two ways. First, it pushes propaganda through state-run media and influence campaigns, and second, it shuts down the flow of credible alternative sources of information.
In September 2021, the EU reported that the Ghostwriter is connected to Russia.
Google also reported that Ghostwriter plans to target businesses and organizations.
Related Article: Russia Sandworm Hackers Built a Firewall Called 'Cyclops Blink' and it Raises Alarms on Cybersecurity
This article is owned by Tech Times
Written by Sophie Webster
