Tenable Research: SilentFade Malware Attacks Facebook’s Ad Platform, Facebook Search

Facebook released new research today about SilentFade malware that is abusing Facebook’s ad platform. Please find below a comment from Satnam Narang, Staff Research Engineer at Tenable.

Facebook’s SilentFade research speaks to the enormous value in social media services due to their billions of users and the monetization opportunities of their advertising platforms. Cybercriminals have found a more direct way to capitalize on the popularity of social media by using the same microtargeting tools found in advertising platforms used by legitimate businesses.

This research fits squarely in the middle of ongoing debates about content moderation on social media. Cybercriminals are adept at countering efforts to thwart their activities. One would think that dubious advertisement could be quickly detected and deleted but, in reality, cybercriminals have pivoted their tactics to evade detection. By compromising legitimate Facebook accounts instead of creating fake ones, they’re providing themselves a layer of obfuscation from moderators in order to conduct their fraudulent activities. Not only that, but they’re also using these account takeover tactics to actually fund their illicit operations by utilizing stored payment information found on these accounts. The scam is cunning, to say the least, and should serve as a warning to other social media services to be extra vigilant and carefully scrutinize the advertisers and advertisements on their platforms.” Satnam Narang, Staff Research Engineer at Tenable.