Business Facebook Page is Hacked !!

It all began a while ago when I noticed a post on Facebook advertising a service for unlocking ads accounts. Intrigued but cautious, I decided to explore this service. However, I was concerned about the potential risks involved, so I set up a virtual machine (VM) to ensure my main system's safety.

In my sandbox environment, I installed a clean version of Windows, Chrome, and AnyDesk. Before allowing remote access, I changed my password to ensure everything remained secure within the VM. Everything seemed to be under control as I monitored the sandbox closely.

The hacker remotely accessed my VM and ran a program from a file.

Unfortunately, I didn't analyze the file's content closely,

https://www.virustotal.com/gui/file/4e7118fd1c5f0f4e5c44835e93d87118befa651bd9d5b7a87eedbecf3b952e4d/behavior

if you need the file to analyze DM me

which turned out to be a mistake. During the remote session, I observed the hacker attempting to export cookies and tokens from my browsers. They assured me that the process was secure and would be updated as needed. Since they didn't ask for my password and my account was protected with 2FA and a unique generated password, I thought it was safe.

However, my perception of security was shattered one day when I logged into my business Facebook account and noticed unusual activity.

The unauthorized  email addresses:

• Amel Recrutement Arvea: lilahnshasta@outlook.com (Admin)
• Bruno Labrador: lieblhosickm@hotmail.com (Admin)
• Kaliyah So Fly Saddler: griecodrostel@hotmail.com (Admin)
• Michael Jabin: bligenburowsu@hotmail.com (Admin)
• Sian Tung: carpenalesnap@hotmail.com (Admin)
  Solcito Silva: nicoleo3ld@hotmail.com (Admin)

I immediately tried to contact support for help. To ensure I received the best assistance, I subscribed to Meta Verified for better messaging support. Starting from March 11, 2024, I began emailing support and continued to follow up with them every week.

Despite my efforts, the hackers took control of my page. They removed me as an admin, renamed the page with a Vietnamese name, and changed the contact details, including the phone number, email, and location. They also deleted all the posts and pictures.

So I try to get help with support again in many ways to pull the process

I tried to get support again in many ways to expedite the process. However, I received a response stating:

"Thank you for your patience while we reviewed your Business Manager. Based on our initial investigation, we don’t believe there is evidence to suggest there was a compromise. There is no action required at this time. We encourage you and your teams to review our account security best practices, which were sent in our prior email. Please contact your Meta representative if you see unauthorized activity on the BM or associated ad accounts."

Frustrated but determined, I decided to prepare official documents to submit to support as proof of the unauthorized actions taken on my account.

This has been a challenging experience, highlighting the importance of robust security measures and the need for vigilant monitoring of online accounts.

Stay tuned for more updates soon.

So Any advice to help me  please DM me
https://web.facebook.com/pigletkps
https://web.whatsapp.com/send/?phone=%2B8562058689898

Thank you for your reading

Mounoydev story