New Facebook malware distribution campaign has been detected

Here is how to protect:
Today big malware distribution campaign has been dubbed as “Operation Tripoli”. is another reminder why users cannot trust every link they see on social media sites.

Now, more than ever, social media platforms represent one of the main malware distribution centers. Always remember that hackers have an increased appetite and vision towards exploiting peoples in order to distribute as many malicious payloads as they can for desktop and mobile systems, including those owned by companies too.

“Operation Tripoli” is nothing more than a classic multiyear malware campaign that is constructed to target users all over Facebook, with the main affected population form the US and Canada.

Cybersecurity researchers have spotted this campaign when they encounter a facebook page with
more than 11,000 followers; the trick here lais in the page URLs for downloading files that were loaded with various payloads.
Any Facebook user that ended up clicking on any of those links got infected with a wide variety of highly potent remote administration tools used for spying and stealing data.

Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;

This new page is just the last of more than 30 other Facebook pages that were found since 2014.
Multiple pages from the discovered ones even got 500,000+ followers, so you could imagine how much damage it has been done.

Some of the pages were Libya-related. But the real problem here is that those campaigns are hiding in plain sight, all the malware associated with these pages is usually hosted on file-sharing services such as Dropbox, Google Drive, and Box that everybody knows and trust.

If you work or own a company don’t think for a second that you are saved, among affected or compromised companies are a fashion giant: Libyana, a major mobile operator, and at least one Israeli and Russian company.
The implications are huge it has been recorded that more than half of million Facebook accounts were infected in just one-year trough operation “Operation Tripoli”. Even so, Facebook has removed some of the affected accounts the problem is still dangerous and present.

This operation primary objectiv is to steal all your sensitive and personal data, including credentials to social networks and other online services.
Malware distributed via social media sites poses a major threat for businesses, as well. Research conducted by Bromium earlier this year showed that nearly 20% of organizations had been hit with malware from a social media site, while some 12% had experienced a breach from such malware. At the time Bromium conducted its study, four of the top five sites that were illegally distributing cryptocurrency mining software were hosted on a social media platform.

If we take a look at all the social media existence we found even more worrying fact: more than 1.3 billion users had already had their information compromised in the past five years, and than 50% of stolen data is still available for purchase on underground markets.
Experts advise to stay safe and secured in front of “Operation Tripoli”:

- keep your accounts as private as possible 
- never fallow or check pages and links that you never heard off
- even if a page or user is legit, observe suspicious behavior and keep an eye open for shady links 
- always use multiple layers of cybersecurity solutions 

We would continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.