Facebook shuts APT32’s accounts
According to Facebook, the hacking group conducted phishing and malware attacks targeted at Chinese entities to collect information on the coronavirus crisis. The group has been operational since 2021 and mostly targets foreign governments, journalists, dissents, and various industries. Facebook took the measure of shutting accounts related to the group after it established that they were spreading malware to infect users.
Mike Dvilyanski, Facebook’s cyber Threat Intelligence Manager and Head of Security Policy, Nathaniel Gleicher said that their investigation linked APT32 to the malicious activity. The executives said in a joint statement that APT32 is an advanced determined threat actor based in Vietnam. The group has targeted foreign governments such as Cambodia and Laos, NGOs, news agencies, and several businesses in the IT, hospitality, auto, retail, and mobile services industries with malware. They said that the malicious activity is linked to0 the CyberOne group.