Meta sues operators of 39,000 phishing sites


Meta, the parent company of Facebook, Instagram and WhatsApp, has filed a lawsuit against the operators of 39,000 phishing sites hosted by Ngrok.

According to  court documents , the company is seeking an injunction and damages of at least $ 500,000 from the operators of the sites mentioned, although their identity has not yet been established (while the defendants are listed in the papers as 100 unnamed John Doe).


The lawsuit alleges that a group of individuals have created over 39,000 phishing sites on their local systems since 2019 and then used the local host's internet relay service, Ngrok, to open those local sites through the domain.

The group then sent the victims links to these domains and collected credentials from their accounts (since the group's sites mimicked login pages for Facebook, Messenger, Instagram and WhatsApp).

Facebook phishing website
Facebook phishing website

“Starting in March 2021, as these attacks increased, we worked with Ngrok to block thousands of URLs leading to phishing sites,” says Jessica Romero, Meta's director of platform security and litigation, today.

At the same time, information security specialists call the claim strange. For example, The Record quotes Crane Hassold, director of threat intelligence at Abnormal Security:

“We've seen other big companies like Microsoft in the past use civil lawsuits to fight phishing threats, but these efforts tend to target the infrastructure where phishing sites are hosted, not anonymous entities as we see in this lawsuit. Facebook ".

According to Hassold, the number of phishing sites associated with Meta products (Facebook, WhatsApp, Instagram) has increased significantly in recent years, which apparently explains the company's new legal tactics. Cofense specialist Tonya Dudley agrees with this:

“I think this lawsuit from Facebook is most likely aimed at setting a precedent for the company to pursue attackers using its brand / name. The lawsuit also demonstrates that the company has the ability to determine who is behind the phishing campaigns. "

Tags: Facebook Meta news court phishing