Once inside a compromised Facebook user’s account, the attackers would use the associated payment method to purchase malicious ads, ultimately draining $4 million from victims during their spree. Facebook first detected the attacks in late 2018 and after extensive investigation the company filed a civil suit against a firm, ILikeAd Media International Company Ltd., and two Chinese nationals that allegedly developed the malware and ran the attacks.

Read full article on Wired – Threat Level