Rohingya refugees sue Facebook for USD 150 billion, alleging role in violence
London, Dec 7: Rohingya refugees sued Facebook parent Meta Platforms for more than USD 150 billion over what they say was the company's failure to stop hateful posts that incited violence against the Muslim ethnic group by Myanmar's military rulers and their supporters.
Lawyers filed a class-action lawsuit Monday in California saying "Facebook's arrival in Myanmar helped spread hate speech, misinformation and incitement to violence that amounted to a substantial cause, and eventual perpetuation of, the Rohingya genocide."
Lawyers in the United Kingdom have issued notice of their intention to file a similar legal action. Facebook, which was recently renamed Meta, did not immediately, reply to a request for comment.
It's the latest in a series of accusations that the social media giant fueled misinformation and political violence, outlined in redacted internal documents obtained by a consortium of news organizations, including The Associated Press.
The combined legal claims from Rohingya refugees are being filed on behalf of anyone worldwide who survived the violence or had a relative who died from it.
The Rohingya are a Muslim ethnic group forced to flee persecution and violence in Myanmar starting in 2017, with an estimated 1 million living in refugee camps in neighboring Bangladesh. Some 10,000 have ended up in the United States.
In 2018, United Nations human rights experts investigating attacks against the Rohingya said Facebook had played a role in spreading hate speech.
More than 10,000 Rohingya have been killed and more than 150,000 were subject to physical violence, according to the law firms organizing the cases.
The lawsuits say Facebook's algorithms amplified hate speech against the Rohingya people and that it didn't spend enough money to hire moderators and fact checkers who spoke the local languages or understood the political situation.
They also say Facebook failed to shut accounts and pages or take down posts inciting violence or using hate speech directed at the ethnic group.
Facebook arrived in Myanmar in 2011, arranging for millions of residents to access the internet for the first time, according to the lawsuit filed in California Superior Court for San Mateo County. But the lawsuit says the company did little to warn people about the dangers of online misinformation and fake accounts tactics employed by the military in its campaign against the Rohingya.
The lawsuit says Facebook knew that rewarding users for posting dangerous content and allowing fake accounts created by autocrats to flourish would radicalize users.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
CERT-In warns of ‘ghostpairing’ attack targeting whatsApp users, flags high-risk account takeovers
New Delhi: India’s national cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), has issued a high-severity alert warning WhatsApp users of an active account takeover campaign using a new technique known as “GhostPairing," in an advisory released on December 19.
CERT-In said cybercriminals are exploiting WhatsApp’s device-linking feature to gain unauthorised access to user accounts without the need for passwords or SIM card swaps, as reported by The Indian Express. The attackers, the agency warned, deceive users into entering pairing codes, which silently grants control of the account to a malicious device.
ALSO READ: Teen killed in alleged honour killing over inter-community relationship, brother, his friend arrest
According to CERT-In, the GhostPairing method works by tricking victims into approving an attacker’s browser as a trusted linked device. The advisory said, “The attack manipulates users into granting access through a pairing code that appears legitimate." It further added that once access is granted, attackers can fully operate the account through WhatsApp Web.
Last month, the Department of Telecommunications directed messaging platforms such as WhatsApp, Signal and Telegram to implement continuous SIM binding which required accounts to remain linked to an active SIM card. As part of this directive, companion web sessions are expected to be logged out periodically and re-authenticated using QR codes.
CERT-In said the GhostPairing campaign typically begins with a message appearing to come from a trusted contact, often reading, “Hi, check this photo”. The message contains a link designed to mimic a Facebook-style preview, and clicking the link leads users to a fake verification page, where they are prompted to enter their phone number and a code. Victims unknowingly allow attackers to link their WhatsApp account to an external device, by completing these steps,.
Once compromised, attackers can access messages, photos, videos and voice notes in real time, and can impersonate the victim to send messages to individual contacts or groups, the agency said.
The advisory also noted that WhatsApp currently allows multiple devices to be linked to a single account, a feature that is being misused in such attacks. In October, the Indian Cybercrime Coordination Centre under the Ministry of Home Affairs had flagged a related trend involving scammers using social media advertisements to lure users into linking their WhatsApp accounts.
While the government’s SIM-binding push is intended to limit such fraud, it has raised concerns among legal experts and digital rights groups, who argue that constant SIM verification, could affect privacy and disrupt multi-device usage, particularly for professionals.
To reduce risk, CERT-In has urged users to avoid clicking on suspicious links, even if they appear to come from known contacts, and to never enter phone numbers or verification codes on external websites claiming to be linked to WhatsApp or Facebook. Users have also been advised to regularly review the “Linked Devices” section within WhatsApp settings and immediately log out of any unfamiliar sessions.
For organisations relying on WhatsApp for communication, the agency has recommended security awareness training, closer monitoring for phishing attempts, and the establishment of clear response protocols to detect and contain account compromises quickly.
