Back

30,000 Facebook Accounts Compromised in Google AppSheet Phishing Scheme

Severity: High (Score: 68.0)

Sources: Ground.News, Cybersecuritynews, Gbhackers, Thehackernews

Summary

A Vietnamese-linked cyber operation, codenamed AccountDumpling, has compromised around 30,000 Facebook accounts through a sophisticated phishing campaign. The attackers exploited Google AppSheet to send fully authenticated phishing emails, bypassing traditional email security measures. This method allowed them to harvest user credentials and identity documents effectively. The stolen accounts are being sold on an illicit marketplace operated by the threat actors. Guardio Labs discovered this operation, highlighting its global impact. The campaign also utilizes platforms like Netlify and Telegram to enhance its reach and effectiveness. Currently, there are no specific patches or CVEs mentioned to mitigate this threat. Organizations are advised to enhance their email security protocols and user education to combat such phishing attempts. Key Points: • 30,000 Facebook accounts compromised via a phishing campaign using Google AppSheet. • Attackers bypassed email security by sending authenticated phishing emails. • Stolen accounts are being sold on an illicit marketplace run by the threat actors.

Key Entities

  • Phishing (attack_type)
  • AccountDumpling (campaign)
  • Facebook Phishing Campaign (campaign)
  • T1566 - Phishing (mitre_attack)
  • AppSheet (platform)
  • Facebook (platform)
  • Netlify (platform)
  • Telegram (platform)
  • Google AppSheet (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed