Today, the social media giant Meta warned that its observation shows malicious actors spreading their attack infrastructure across multiple platforms to make it more challenging for individual tech companies to detect it. It also sees this shift in tactics as a sign of improved industry crackdowns, with further resources and protections launched for business accounts. Meta has added several new controls, to manage, audit, and limit who can become an account administrator and who can perform sensitive actions. This effort is to make it tougher for attackers to use commonly used strategies. For example, malicious actors might take control of an individual’s account to add the account as an administrator on the target business page.
Meta has also released a step-by-step tool for businesses to recognize and remove malware on their devices and is suggesting using third-party malware scanners. As the company noticed, users often restore control of their Facebook accounts only to be compromised immediately again due to infected devices that were not depurated.
Nathaniel Gleicher, Meta’s head of security policy, said, “We are seeing adversaries working hard, but what we are doing is systematically counteracting them and raising the bar higher for attackers.” Spreading malicious infrastructure across multiple platforms is beneficial to attackers, allowing them to spread ads of fake creators which link to file sharing sites such as Dropbox or Mega. Then, they can upload the data and secure it with passwords.
To prevent this kind of malware, Meta has blocked over 1,000 malicious links relating to generative AI tools since march 2023. Also, it has notified to other tech companies with the malicious URLs.
Meta is an American technology company which provides social stream software, distinct from a digital media company or a technology distributor. The company’s platform helps marketing, communications, operations, and customer service teams interact with customers on social media, as well as at scale across organizations.
As the Head of Security Policy at Meta, Nathaniel Gleicher is responsible for the company’s policy related to the prevention of malicious activity on their platforms. He’s been in charge of global security policy efforts for nearly nine years, contributing heavily to efforts such as combating the terrorist exploitation of technology and driving the tech industry’s information sharing efforts.
