All posts in “social media”

Iranian spies allegedly used Facebook to target U.S. intelligence agents

Not so friendly request.
Not so friendly request.

Image: Ambar Del Moral / mashable

It was just a simple friend request. However, nothing is ever simple when the U.S. intelligence community is involved.

A press release released Wednesday by the Department of Justice details an alleged effort by Iranian government agents to use Facebook to hack members of the American intelligence community. And they had unexpected help. Specifically, a former Department of Defense contractor turned Iranian agent. 

The details of this case are pretty wild, and focus on 39-year-old Monica Elfriede Witt. Witt, the press release notes, is both a former Air Force intelligence specialist and a special agent of the Air Force Office of Special Investigations. She also worked as a Department of Defense contractor, and was granted a “high-level” security clearance. That was all before 2012, when things allegedly took a turn for the treasonous. 

Witt is accused of working with a team of Iranian government-affiliated hackers aiming to install malware on her former colleagues’ computers. And like so many things these days, Facebook played a key role in their plan.

“Specifically, between Jan. and May 2015, the Cyber Conspirators, using fictitious and imposter accounts, attempted to trick their targets into clicking links or opening files that would allow the conspirators to deploy malware on the target’s computer,” reads the press release. “In one such instance, the Cyber Conspirators created a Facebook account that purported to belong to a [U.S. intelligence community] employee and former colleague of Witt, and which utilized legitimate information and photos from the USIC employee’s actual Facebook account.”

Several of Witt’s former colleagues accepted these fake friend requests. According to the unsealed indictment, the malware in question was “designed to capture a target’s keystrokes, access a computer’s web camera, and monitor other computer activity.”

In one such case in 2015, an attachment that looked like a jpg file but was actually a malware-laden zip file was sent via Facebook after a U.S. agent accepted a spoofed friend request.  

They also sent at least one fake Facebook password reset email in an attempt to gain U.S. government target passwords. 

This effort by Witt and her co-conspirators, which was not limited to Facebook, included sending emails that were suspicious on their face. One such email, sent in 2015 to a U.S. government agent, reads almost like a parody of a hacking attempt. 

“I’ll send you a file including my photos but u should deactivate your anti virus to open it because i designed my photos with a photo album software, I hope you enjoy the photos i designed for the new year, they should be opened in your computer honey.”

We reached out to Facebook in an effort to determine what it does to prevent these types of targeted attacks, and what the company thought about Iranian agents using its platform to go after members of the U.S. intelligence community, but have yet to receive a response. 

Witt is still at large. 

Cms%252f2019%252f1%252f02ad2b2e a5e5 bb49%252fthumb%252f00001.jpg%252foriginal.jpg?signature=swq umrm8u9ztlnv1pvstaxqdqa=&source=https%3a%2f%2fvdist.aws.mashable

Instagram confirms that a bug is causing follower counts to change

Instagram confirmed today that an issue has been causing some accounts’ follower numbers to change. Users began noticing the bug about 10 hours ago and the drastic drop in followers caused some to wonder if Instagram was culling inactive and fake accounts, as part of its fight against spam.

“We’re aware of an issue that is causing a change in account follower numbers for some people right now. We’re working to resolve this as quickly as possible,” the company said on Twitter.

The Instagram bug comes a few hours after a Twitter bug messed with the Like count on tweets, causing users to wonder if accounts were being suspended en masse or if they were just very bad at tweeting.

Manipulating an Indian politician’s tweets is worryingly easy to do

Here’s a concerning story from India, where the upcoming election is putting the use of social media in the spotlight.

While the Indian government is putting Facebook, Google and other companies under pressure to prevent their digital platforms from being used for election manipulation, a journalist has demonstrated just how easy it is to control the social media messages published by government ministers.

Pon Radhakrishnan, India’s minister of state for finance and shipping, published a series of puzzling tweets today after Pratik Sinha, a co-founder of fact-checking website Alt News, accessed a Google document of prepared statements and tinkered with the content.

Among the statements tweeted out, Radhakrishnan said Prime Minister Modi’s government had failed the middle classes and had not made development on improving the country’s general welfare. Sinha’s edits also led to the official BJP Assam Pradesh account proclaiming that the prime minister had destroyed all villages and made women slaves to cooking.

These are the opposite of the partisan messages that the accounts intended to send.

The messages were held in an unlocked Google document that contained a range of tweets compiled for the Twitter accounts. Sinha managed to access the document and doctor the messages into improbable statements — which he has done before — in order to show the shocking lack of security and processes behind the social media content.

Sinha said he made the edits “to demonstrate how dangerous this is from the security standpoint for this country.”

“I had fun but it could have disastrous consequences,” he told TechCrunch in a phone interview. “This is a massive security issue from the point of view of a democracy.”

Sinha said he was able to access the document — which was not restricted or locked to prevent changes — through a WhatsApp group that is run by members of the party. Declining to give specifics, he said he had managed to infiltrate the group and thus gain access to a flow of party and government information and, even more surprisingly, get right into the documents and edit them.

What’s equally as stunning is that, even with the message twisted 180 degrees, their content didn’t raise an alarm. The tweets were still loaded and published without any realization. It was only after Sinha went public with the results that Radhakrishnan and BJP Assam Pradesh account begin to delete them.

The Indian government is rightly grilling Facebook and Google to prevent its platform being abused around the election, as evidence suggested happened in the U.S. presidential election and the U.K.’s Brexit vote, but members of the government themselves should reflect on the security of their own systems, too. It would be too easy for these poor systems to be exploited.

2018 really was more of a dumpster fire for online hate and harassment, ADL study finds

Around 37 percent of Americans were subjected to severe hate and harassment online in 2018, according to a new study by the Anti-Defamation League, up from about 18 percent in 2017. And more than half of all Americans experienced some form of harassment, according to the ADL study.

Facebook users bore the brunt of online harassment on social networking sites according to the ADL study, with around 56 percent of survey respondents indicating that at least some of their harassment occurred on the platform — unsurprising, given Facebook’s status as the dominant social media platform in the U.S.

Around 19 percent of people said they experienced severe harassment on Twitter (only 19 percent? That seems low), while 17 percent reported harassment on YouTube, 16 percent on Instagram and 13 percent on WhatsApp .

Chart courtesy of the Anti-Defamation League

In all, the blue-ribbon standards for odiousness went to Twitch, Reddit, Facebook and Discord, when the ADL confined their surveys to daily active users. nearly half of all daily users on Twitch have experienced harassment, the report indicated. Around 38 percent of Reddit users, 37 percent of daily Facebook users and 36 percent of daily Discord users reported being harassed.

“It’s deeply disturbing to see how prevalent online hate is, and how it affects so many Americans,” said ADL chief executive Jonathan A. Greenblatt. “Cyberhate is not limited to what’s solely behind a screen; it can have grave effects on the quality of everyday lives — both online and offline. People are experiencing hate and harassment online every day and some are even changing their habits to avoid contact with their harassers.”

And the survey respondents seem to think that online hate makes people more susceptible to committing hate crimes, according to the ADL.

The ADL also found that most Americans want policymakers to strengthen laws and improve resources for police around cyberbullying and cyberhate. Roughly 80 percent said they wanted to see more action from lawmakers.

Even more Americans, or around 84 percent, think that the technology platforms themselves need to do more work to curb the harassment, hate and hazing they see on social applications and websites.

As for the populations that were most at risk to harassment and hate online, members of the LGBTQ community were targeted most frequently, according to the study. Some 63 percent of people identifying as LGBTQ+ said they were targeted for online harassment because of their identity.

“More must be done in our society to lessen the prevalence of cyberhate,” said Greenblatt. “There are key actions every sector can take to help ensure more Americans are not subjected to this kind of behavior. The only way we can combat online hate is by working together, and that’s what ADL is dedicated to doing every day.”

The report also revealed that cyberbullying had real consequences on user behavior. Of the survey respondents, 38 percent stopped, reduced or changed online activities, and 15 percent took steps to reduce risks to their physical safety.

Interviews for the survey were conducted between December 17 to December 27, 2018 by the public opinion and data analysis company YouGov, and was conducted by the ADL’s Center for Technology and Society. The nonprofit admitted that it oversampled for respondents who identified as Jewish, Muslim, African American, Asian American or LGBTQ+ to “understand the experiences of individuals who may be especially targeted because of their group identity.”

The survey had a margin of error of plus or minus three percentage points, according to a statement from the ADL.

Instagram seems to be testing direct messaging on web

Disclosure

Every product here is independently selected by Mashable journalists. If you buy something featured, we may earn an affiliate commission which helps support our work.

You could be getting Instagram DMs on your desktop soon.
You could be getting Instagram DMs on your desktop soon.

Image: Thomas Trutschel/Photothek via Getty Images

There’s no dearth of messaging platforms on the web, but Instagram DMs have likely become a big part of your online life.

A prototype, spotted by software engineer Jane Manchun Wong, shows the platform making moves toward making its direct messaging service, Direct, accessible via your browser.

Given how many of our interactions happen on Instagram these days, it makes sense to make Direct available outside of the app. If it turns out to be a thing, Direct appears to be available for both desktop and mobile.

Shortly after posting the screenshots, Wong added on Twitter access to the direct messaging feature was disabled. You might remember Instagram also has broken out Direct in its own app.

Launched in 2013, Instagram’s web version has been much more feature-sparse in comparison to the app. You can’t upload posts for one, and while you can like and comment on posts, you can’t react or message in response to Stories.

The prototype comes a few weeks after Facebook revealed it was looking to unify the backend of Instagram, WhatsApp and Messenger. 

That would help make sending messages across these platforms easier, but it raises regulation and privacy questions, and is a significant departure from the independence that was a sacrosanct part of these different platforms.

Mashable has contacted Instagram for comment.

Cms%252f2019%252f2%252f466f6c11 a5f1 c794%252fthumb%252f00001.jpg%252foriginal.jpg?signature=betfx8 30dmnsgca6o eh1hr1tm=&source=https%3a%2f%2fvdist.aws.mashable