Hackers target Israeli Facebook pages using content filter breach

Israel Internet Association says attackers manipulate platform's content filter mechanism to take over business pages, flood them with harmful content and triggering suspensions

Roei Hahn|
The Israel Internet Association (ISOC-IL) warned on Monday that hackers have found a security breach on Facebook to target Israeli business pages.
  • Follow Ynetnews on Facebook and Twitter

  • Hackers are using the platform's content filter mechanism to gain full access to Facebook accounts while locking users out without an option to report the attack.
    3 View gallery
    נחסמים ללא התראה מראש
    נחסמים ללא התראה מראש
    A message on a Facebook page that was banned
    (Photo: Israel Internet Association)
    Recently, the ISOC-IL has been receiving dozens of complaints from Israeli businesses about losing access to their Facebook accounts.
    "In the past few months, we have received dozens of reports about hacking incidents", said Jonathan Ben-Horin, an internet security coordinator for the Israel Internet Association.
    Hackers have managed to manipulate Meta's content-filtering mechanism, which is programmed to block content such as pedophilia, sexual abuse, or terrorism. The algorithm flags and blocks pages and profiles that promote harmful content on the company's various platforms. Besides removing the content, the system also terminates the accounts of the page owners and users that promoted it.
    3 View gallery
    (Photo: Reuters)
    "Our first and most significant recommendation to all Meta users is to enable two-factor authentication across all accounts, especially if these are business accounts. We also recommend adding another managing account to the business page, so in case the page is hacked, the owner could still have access to it even if one of the accounts has been locked out," Ben-Horin added.
    But before hijacking the algorithm, attackers need access to an account of one of the page owners. To that end, hackers use a diversity of tactics, including phishing scams. In more extreme cases, users' information was stolen using malware installed on their computers.
    Once hackers obtain access to an account, they flood the page with harmful content that violates Facebook's terms of service. This triggers the platform's content filter to jump into action and ban the page owner's account.
    3 View gallery
    פריצה לפייסבוק, אילוסטרציה
    פריצה לפייסבוק, אילוסטרציה
    (Photo: Shutterstock)
    Some add additional administrators to the page, thereby completely cutting off the page owner from access.
    Businesses using Facebook's ad system to promote their page also risk getting their credit card information compromised.
    In these cases, hackers gain full access to a victim's credit information. The ad system is sometimes also manipulated to promote third-party content using the hacker's advertising service.
    The commenter agrees to the privacy policy of Ynet News and agrees not to submit comments that violate the terms of use, including incitement, libel and expressions that exceed the accepted norms of freedom of speech.