Social Media Facebook, Twitter & Google take down malicious content originating from Iran By Indi Authority Marketing Posted on August 27, 2018 5 min read 0 0 145 Share on Facebook Share on Twitter Share on Google+ Share on Reddit Share on Pinterest Share on Linkedin Share on Tumblr Facebook took down 652 Pages, groups and accounts, Twitter removed 284 accounts and Google disabled 42 YouTube channels. Facebook, Twitter, and Google’s security teams are staying busy. All three companies reported this week that they had removed malicious items from their platforms that had originated in Iran — Facebook took down 652 Pages, groups and accounts, Twitter removed 284 accounts and Google disabled a total 42 YouTube channels, 16 Google+ accounts, six Blogger accounts and three Gmail accounts. Twitter disclosed minimal information about the accounts it removed, only sharing the following tweets from the @TwitterSafety handle: Facebook and Google gave more information around the malicious activity they discovered on their platforms, with Facebook offering up examples of posts that had been distributed by the bad actors, along with an overview from its director of security explaining how the company responds to cyber threats. What Google found Working with outside cybersecurity firms Jigsaw and FireEye, Google’s SVP of global affairs, Kent Walker, reported the company disabled three email accounts, three YouTube channels and three Google accounts attached to state-sponsored actors outside of the US who were targeting political campaigns, journalists, activists and academics. Google also named the Islamic Republic of Iran Broadcasting (IRIB) as the group behind the 39 YouTube channels it removed, along with six Blogger accounts and 13 Google+ accounts. Google says the YouTube channels had accumulated a total of 13,466 views within the US, and that there was evidence IRIB’s attack operations go back to at least January 2017. It also has evidence of attacks by other Iranian forces that go back as far as 2011 and 2013. “The state-sponsored phishing attacks, and the actors associated with the IRIB that we’ve described above, are clearly not the only state-sponsored actors at work on the Internet,” writes Walker. “For example, last year we disclosed information about actors linked to the Internet Research Agency (IRA). Since then, we have continued to monitor our systems, and broadened the range of IRA-related actors against whom we’ve taken action.” The 652 accounts removed by Facebook Facebook, which also worked with FireEye, a cybersecurity firm, released the most information around the attacks it discovered on its platform and Instagram, breaking down its investigation into four parts. The first three parts of the investigation involved Pages, groups and accounts identified as “Liberty Front Press” and “Quest 4 Truth” — both powered by Iranian media organizations. The attacks had included campaigns to distribute malicious content, create fake Events and attempts to hack Facebook user accounts and spread malware. The fourth part of the investigation, which was unrelated to the Iranian groups, included the removal of Pages, groups and accounts attached to a Russian military intelligence service. The 652 Pages, groups and accounts that Facebook took down had a total of 983,000 followers and had spent more than $12,000 on advertising.