Meta, the parent company of Facebook, Instagram and WhatsApp, has sued the operators of 39,000 phishing sites hosted by Ngrok.
According to court documents, the company is seeking an injunction and damages of at least $ 500,000 from the operators of the sites mentioned, although their identity has not yet been established (while the defendants are listed in the papers as 100 unnamed John Doe).The lawsuit alleges that a group of individuals have created over 39,000 phishing sites on their local systems since 2019 and then used the local host’s internet relay service, Ngrok, to open those local sites through the ngrok.io domain.
The group then sent the victims links to these ngrok.io domains and collected credentials from their accounts (since the group’s sites mimicked login pages for Facebook Messenger, Instagram and WhatsApp).
Crane Hassold
At the same time, information security specialists call the claim strange. For example, The Record quotes Crane Hassold, director of threat intelligence at Abnormal Security:
According to Hassold, the number of phishing sites associated with Meta products (Facebook, WhatsApp, Instagram) has increased significantly in recent years, which apparently explains the company’s new legal tactics.
Let me remind you that we also wrote that Facebook announced blocking of accounts of companies-cyber-mercenaries, as well as that Facebook (Meta) expands a bug bounty program to combat scraping.
