Hundreds of people across the Middle East and North Africa have been infected with malware after clicking on links in politically charged Facebook advertisements. Six years ago, a threat actor going by the name “Dexter Ly” infected tens of thousands of primarily Libyan citizens with various remote access Trojans (RATs). They pulled it off by impersonating well-known political and military figures in the country on Facebook, publishing posts about current events that contained shortened links to malicious landing pages. It appears that a Dexter-associated entity might be back now, with pretty much the same kind of campaign, this time aimed more widely at victims across the Middle East and North Africa. “This campaign represents an evolution of social engineering tactics targeting regions with growing digital adoption and cryptocurrency usage,” says J. Stephen Kowski, field CTO at SlashNext Email Security. “These attacks are becoming increasingly common in the Middle East as threat actors recognize the region’s strategic importance and potentially less mature security awareness.”
‘Desert Dexter’ Hot Button Facebook Ads Tag Mideast Victims (Nate Nelson, Dark Reading)
Related articles
