Facebook has disabled accounts it said were being used by the Palestinian Authority's Preventative Security Service, its internal intelligence organization, to spy on political opponents, journalists, and human-rights activists.
Follow Israel Hayom on Facebook and Twitter
"Today, we're sharing actions we took against two separate groups of hackers in Palestine – a network linked to the Preventive Security Service (PSS) and a threat actor known as Arid Viper – removing their ability to use their infrastructure to abuse our platform, distribute malware and hack people's accounts across the internet," said Facebook's Mike Dvilyanski, head of Cyber Espionage Investigations, and David Agranovich, director of Threat Disruption, in a statement, Wednesday.
The PSS-linked accounts "targeted primarily domestic audiences in Palestine," the statement said, with the activity originating in the West Bank. These accounts also targeted, to a lesser extent, users in Turkey, Iraq, Lebanon, and Libya.
"It relied on social engineering to trick people into clicking on malicious links and installing malware on their devices. Our investigation found links to the Preventive Security Service—the Palestinian Authority's internal intelligence organization," said the statement. "This persistent threat actor focused on a wide range of targets, including journalists, people opposing the Fatah-led government, human rights activists, and military groups including the Syrian opposition and Iraqi military. They used their own low-sophistication malware disguised as secure chat applications, in addition to malware tools openly available on the Internet."
Subscribe to Israel Hayom's daily newsletter and never miss our top stories!
According to an AFP report on Wednesday, the US social media giant also said it had identified and disabled a group affiliated with Hamas and based in the Gaza Strip that was engaged in espionage operations.
In its statement, Facebook did not name Hamas directly, but said the malicious activity "originated in Palestine and targeted individuals in the same region, including government officials, members of the Fatah political party, student groups, and security forces."
"Our investigation linked this campaign to Arid Viper, a known advanced persistent threat actor. It used sprawling infrastructure to support its operations, including over a hundred websites that either hosted iOS and Android malware, attempted to steal credentials through phishing, or acted as command and control servers," said the statement.
Reprinted with permission from JNS.org.
