Today, as part of our quarterly threat reporting<\/a>, we\u2019re sharing updates on how our security, integrity and support teams help protect businesses against malware \u2014 one of the most prevalent threats across the internet. This includes a behind-the-scenes look at how we tackle this challenge from multiple angles at once: malware analysis and threat disruption, product updates, community support and education, information sharing with other companies and holding threat actors accountable.\u00a0<\/span><\/p>\n Last year, we <\/span>shared<\/span><\/a> our insights into <\/span>malicious mobile apps that indiscriminately target the general public and were available in official app stores. Today, we\u2019re publishing detailed findings into aggressive and persistent strains of<\/span> malware targeting business accounts online.\u00a0<\/span><\/p>\n Because these malicious groups are financially motivated, we expect them to continue probing defenses by diversifying their operations to spread across the internet so they can withstand disruptions by any one company \u2014 ours included. That\u2019s why we\u2019re sharing our findings, tips and threat indicators so that the defender community and people using our services can take steps to stay safe.\u00a0<\/span><\/p>\n Threat actors go through many stages to target businesses with malware \u2014 from developing or acquiring malicious software, to hosting it somewhere online, to spreading and delivering it to targets, and hiding it to evade detection by companies like ours. This complexity makes the threat of business-targeting malware an ecosystem challenge, requiring a concerted effort to combat these malicious operations across our entire industry.<\/span><\/p>\n While attack scenarios may vary, threat actors typically disguise malware within innocuous-looking files, as well as mobile apps or browser extensions available in official app stores. Like spammers, they latch onto popular topics like political news or the latest tech or business productivity tools\u00a0 to hide their malware and trick people into clicking on or downloading it.\u00a0<\/span><\/p>\n For example, one of the campaigns we recently disrupted leveraged people\u2019s interest in\u00a0 Open AI\u2019s ChatGPT to lure them into installing malware. In response to detection by our security teams and also our industry peers, we\u2019ve seen bad actors quickly pivot to other themes, including posing as Google Bard, TikTok marketing tools, pirated software and movies, and Windows utilities.\u00a0<\/span><\/p>\n To target businesses, malicious groups often first go after the personal accounts of people who manage or are connected to business pages and advertising accounts. Threat actors may design their malware to target a particular online platform, including<\/span> building in more sophisticated forms of account compromise than what you\u2019d typically expect from run-of-the-mill malware.<\/span><\/p>\n For example, we\u2019ve seen malware families that can attempt to evade two-factor authentication or have the ability to automatically scan for and detect connections between the compromised account and business accounts it might be linked to. <\/span>See more details in our technical threat research<\/a>.<\/span><\/p>\n To help businesses stay safe across their Meta accounts, we\u2019re continuing to roll out protections against malicious activity:<\/span><\/p>\n If you identify unusual behavior on your device or online accounts, it might be a sign that you may have inadvertently downloaded malware. Here are some telltale signs to look out for:<\/span><\/p>\n If you believe you\u2019ve downloaded malicious software, we recommend that you delete it from your device immediately, scan your device with up-to-date antivirus software and follow these instructions to secure your personal and business accounts:<\/span><\/p>\nWhat We\u2019ve Found<\/span><\/h2>\n
\n
How Does Business-Targeting Malware Work?<\/span><\/h2>\n
![\"An](\"https:\/\/about.fb.com\/wp-content\/uploads\/2023\/05\/343326322_573465388220286_4644304410175070908_n.png?resize=960%2C839\")
<\/a><\/p>\n![\"An](\"https:\/\/about.fb.com\/wp-content\/uploads\/2023\/05\/342885832_245646921327528_1192466390666101491_n.png?resize=960%2C769\")
<\/a><\/p>\nProduct and Support Updates<\/span><\/h2>\n
\n
![\"\"](\"https:\/\/about.fb.com\/wp-content\/uploads\/2023\/05\/03_Protect-your-account-1.gif?resize=960%2C659\")
<\/a><\/p>\n\n
How to Know If Your Device is Affected<\/span><\/h2>\n
\n
What to Do If Your Device is Affected<\/span><\/h2>\n
\n
![\"An](\"https:\/\/about.fb.com\/wp-content\/uploads\/2023\/05\/342216513_3511043245838814_9010440730080823404_n.png?resize=960%2C540\")
<\/a><\/p>\n<\/p><\/div>\n