---
title: "Facebook Page Hijacking, $75m Ransom Payment, And State-Sponsored Spyware | DMARC Report"
description: "Fake AI photo-editor ads hijack Facebook pages, a Fortune 50 firm pays Dark Angels $75M ransom, and LianSpy spyware targets Android users in Russia."
image: "https://dmarcreport.com/og/blog/facebook-page-hijacking-75m-ransom-payment-and-state-sponsored-spyware.png"
canonical: "https://dmarcreport.com/blog/facebook-page-hijacking-75m-ransom-payment-and-state-sponsored-spyware/"
---

Quick Answer

An unnamed Fortune 50 company paid a $75 million ransom to the Dark Angels group, one of the largest ransomware payments on record and well above prior payments by CNA Financial ($40M), Caesars ($15M), and JBS ($11M). A malvertising campaign hijacked Facebook pages by promoting a fake AI photo editor that installed an infostealer, generating about 1,200 macOS and 16,000 Windows downloads. Researchers also documented LianSpy, an Android post-exploitation trojan first observed in March 2024 that uses root privileges to monitor call logs, messages, and screen activity on targeted Russian users.

Related: [Free DMARC Checker](/tools/dmarc-checker/) ·[How to Create an SPF Record](/tools/spf-record-generator/) ·[SPF Record Format](/blog/spf-format-checker-dos-and-donts-for-email-authentication/) 

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Ffacebook-page-hijacking-75m-ransom-payment-and-state-sponsored-spyware%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Facebook%20Page%20Hijacking%2C%20%2475m%20Ransom%20Payment%2C%20And%20State-Sponsored%20Spyware&url=undefined%2Fblog%2Ffacebook-page-hijacking-75m-ransom-payment-and-state-sponsored-spyware%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Ffacebook-page-hijacking-75m-ransom-payment-and-state-sponsored-spyware%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Ffacebook-page-hijacking-75m-ransom-payment-and-state-sponsored-spyware%2F&title=Facebook%20Page%20Hijacking%2C%20%2475m%20Ransom%20Payment%2C%20And%20State-Sponsored%20Spyware "Share on Reddit") [ ](mailto:?subject=Facebook%20Page%20Hijacking%2C%20%2475m%20Ransom%20Payment%2C%20And%20State-Sponsored%20Spyware&body=Check out this article: undefined%2Fblog%2Ffacebook-page-hijacking-75m-ransom-payment-and-state-sponsored-spyware%2F "Share via Email") 

![Facebook Page Hijacking, $75m Ransom Payment, And State-Sponsored Spyware](https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg) 

![Dmarc record generator 7815 150x150](https://media.mailhop.org/dmarcreport/images/2024/08/dmarc-record-generator-7815-150x150.jpg) 

> Email authentication isn’t just about preventing spoofing - it’s about trust, says Vasile Diaconu, Operations Lead at DuoCircle. Every email your organization sends either builds trust or erodes it. SPF, DKIM, and DMARC are the foundation of that trust. Without them, receivers have no way to distinguish your legitimate email from an attacker’s.

```
					DMARC Report					

				
```

Facebook Page Hijacking, $75m Ransom Payment, And State-Sponsored Spyware

```
					<button title="Play" aria-label="Play Episode" aria-pressed="false" class="play-btn">
						
```

Play Episode

```
					</button>
					<button title="Pause" aria-label="Pause Episode" aria-pressed="false" class="pause-btn hide">
						
```

Pause Episode

```
					</button>
				

					<audio preload="none" class="clip clip-14844">
						<source src="https://media.mailhop.org/dmarcreport/images/2024/08/Facebook-Page-Hijacking-75m-Ransom-Payment-And-State-Sponsored-Spyware.mp3">
					</audio>
						

							<button class="player-btn player-btn__volume" title="Mute/Unmute">
								
```

Mute/Unmute Episode

```
							</button>
							<button data-skip="-10" class="player-btn player-btn__rwd" title="Rewind 10 seconds">
								
```

Rewind 10 Seconds

```
							</button>
							<button data-speed="1" class="player-btn player-btn__speed" title="Playback Speed" aria-label="Playback Speed">1x</button>
							<button data-skip="30" class="player-btn player-btn__fwd" title="Fast Forward 30 seconds">
								
```

Fast Forward 30 seconds

```
							</button>
						

							<time class="ssp-timer">00:00</time>
							
```

/

```
							<!-- We need actual duration here from the server -->
							<time class="ssp-duration" datetime="PT0H1M58S">1:58</time>
			

								<nav class="player-panels-nav">
												<button class="subscribe-btn" id="subscribe-btn-14844" title="Subscribe">Subscribe</button>
																		<button class="share-btn" id="share-btn-14844" title="Share">Share</button>
										</nav>

						
```

RSS Feed

```
							<input value="https://dmarcreport.com/feed/podcast/dmarc-report" class="input-rss input-rss-14844" title="RSS Feed URL" readonly />
						

						<button class="copy-rss copy-rss-14844" title="Copy RSS Feed URL" aria-label="Copy RSS Feed URL"></button>
					

						Share						
					

						<a href="https://www.facebook.com/sharer/sharer.php?u=https://dmarcreport.com/blog/podcast/facebook-page-hijacking-75m-ransom-payment-and-state-sponsored-spyware/&t=Facebook Page Hijacking, $75m Ransom Payment, And State-Sponsored Spyware" target="blank" rel="noopener noreferrer" class="share-icon facebook" title="Share on Facebook">
							

						</a>
						<a href="https://twitter.com/intent/tweet?text=https://dmarcreport.com/blog/podcast/facebook-page-hijacking-75m-ransom-payment-and-state-sponsored-spyware/&url=Facebook Page Hijacking, $75m Ransom Payment, And State-Sponsored Spyware" target="blank" rel="noopener noreferrer" class="share-icon twitter" title="Share on Twitter">
							

						</a>
						<a href="https://media.mailhop.org/dmarcreport/images/2024/08/Facebook-Page-Hijacking-75m-Ransom-Payment-And-State-Sponsored-Spyware.mp3" target="blank" rel="noopener noreferrer" class="share-icon download" title="Download" download>
							

						</a>
					

						Link						
					

						<input value="https://dmarcreport.com/blog/podcast/facebook-page-hijacking-75m-ransom-payment-and-state-sponsored-spyware/" class="input-link input-link-14844" title="Episode URL" readonly />
					

					<button class="copy-link copy-link-14844" title="Copy Episode URL" aria-label="Copy Episode URL" readonly=""></button>
					

						Embed						

					
```

/\*! This file is auto-generated \*/ ’ title=“Embed Code” class=“input-embed input-embed-14844” readonly/>

```
					<button class="copy-embed copy-embed-14844" title="Copy Embed Code" aria-label="Copy Embed Code"></button>


```

Just when you think that, finally, the world is safe from [cyberattacks](https://www.cbsnews.com/news/cdk-attack-cyber-ransom-event/), yet another instance pops up on your digital screen. The only key is to \*\*stay vigilant and educate yourself \*\*about the evolving trends in the cybercrime world. Staying well-versed with day-to-day cyberattacks and technological advancements help you keep your data and money safe and secure .

That’s why we are here to keep you updated about what’s happening across the cyber world.

_For example, a Fortune 50 company went on to pay a ransom worth $75M, one of the highest to date_. On the other hand, a [malvertising campaign](https://thehackernews.com/2023/12/new-malvertising-campaign-distributing.html) has been using phishing tactics to pry into and steal the \*\*Facebook account details of users. Lastly, a high-end Android spyware is targeting naive users in Russia.

Let’s find out more about these **cyber mishaps**.

![What is dmarc](https://media.mailhop.org/dmarcreport/images/2024/08/what-is-dmarc-7816.jpg) 

## Facebook pages being hijacked by threat actors to access user details!

Facebook, one of the most popular **s**ocial media platforms in the world, is again being targeted by threat actors. This time, they are focusing on Facebook pages to gain access to **sensitive user data**. The campaign involves promoting naive users to download a legit AI photo editor. But when the users try to download the same, they end up installing a [malicious infostealer](https://www.linkedin.com/pulse/what-infostealer-malware-how-does-work-uniteditconsultants-loxoe).

As of 2025, DMARC is mandatory under multiple compliance frameworks. [CISA BOD 18-01](https://www.cisa.gov/news-events/directives/bod-18-01) requires p=reject for US federal domains. [PCI DSS v4.0](https://www.pcisecuritystandards.org/) mandates DMARC for organizations processing payment card data as of March 2025\. Google and Yahoo require DMARC for bulk senders (5,000+ messages/day) since February 2024, and [Microsoft began rejecting](https://learn.microsoft.com/en-us/defender-office-365/email-authentication-dmarc-configure) non-compliant email in May 2025\. The UK [NCSC](https://www.ncsc.gov.uk/collection/email-security-and-anti-spoofing), Australia’s [ASD](https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism/cyber-security-guidelines/guidelines-email), and Canada’s [CCCS](https://www.cyber.gc.ca/en/guidance/implementation-guidance-email-domain-protection) all mandate DMARC for government domains. Cyber insurers increasingly require DMARC enforcement as an underwriting condition.

The malvertising campaign is leveraging different types of threat tactics such as [social engineering](https://www.bleepingcomputer.com/news/security/how-to-make-your-web-apps-resistant-to-social-engineering/), phishing, spoofing, etc. The increasing popularity of \*\*AI-generated \*\*and [AI-enhanced photographs](https://create.vista.com/features/ai-image-generator/) are also proving to be of great help to these threat actors. 

While threat actors exploit Facebook paid ad campaigns to lure users into malicious schemes, it is equally crucial to implement [email authentication protocols](https://dmarcreport.com/what-is-dmarc/) such as [SPF](https://dmarcreport.com/what-is-spf/), [DKIM](https://dmarcreport.com/what-is-dkim/), and [DMARC](https://dmarcreport.com/). These protocols help verify the sender’s identity and safeguard against phishing and spoofing attacks, **complementing broader** [cybersecurity](https://dmarcreport.com/blog/how-to-educate-or-train-employees-on-cybersecurity/) measures.

The attackers, after getting control of the Facebook page, start promoting the [artificial intelligence-backed photo editing tool](https://zapier.com/blog/best-ai-photo-editor/). Users then inadvertently download an endpoint management utility.

The \*\*malicious campaign has so far been successful in generating around 1,200 downloads on [macOS](https://en.wikipedia.org/wiki/MacOS) and 16,000 downloads on Windows devices.

## A Fortune 50 company pays a staggering ransom amount worth $75M to threat actors!

A Fortune 50 company has grabbed all eyeballs by paying a whopping $75M ransom demanded by a group of cyber attackers named **Dark Angel**. Authorities have been tight-lipped about the name of the company. This is not the first instance when the corporate world is getting attention for paying ransoms.

3 years back, [CNA Financial](https://investor-relations.cna.com/news/news-details/2024/CNA-FINANCIAL-ANNOUNCES-SECOND-QUARTER-2024-NET-INCOME-OF-1.17-PER-SHARE-AND-CORE-INCOME-OF-1.19-PER-SHARE/default.aspx), an Illinois-based company, paid a ransom worth [$40M](https://www.bloomberg.com/news/articles/2021-05-20/cna-financial-paid-40-million-in-ransom-after-march-cyberattack). In 2023, Caesars Palace paid [$15M](https://www.darkreading.com/application-security/mgm-caesars-incident-responses-required-brutal-choices) to meet the demand. A meat \*\*manufacturer JBS also paid [$11M ](https://www.wsj.com/articles/jbs-paid-11-million-to-resolve-ransomware-attack-11623280781)to get rid of the ransomware attackers.

![Create dmarc record](https://media.mailhop.org/dmarcreport/images/2024/08/create-dmarc-record.jpg) 

Dark Angels first came into the scenario back in 2022\. The group targets high-value victims such as S&P 500 companies. There are several industries that they keep an eye on, such as education, telecommunications, manufacturing, healthcare, finance, and government. They created a sensation across the cyber world by attacking the VMware ESXi hypervisors of **Johnson Controls International (JCI)** and went on to access a mind-boggling[ 27 terabytes worth of data](https://www.darkreading.com/cloud-security/ransomware-gangs-exploit-esxi-bug-for-instant-mass-encryption-of-vms). Dark Angels is known for its unconventional ransomware attack choices. Instead of operating as a [ransomware-as-a-service](https://dmarcreport.com/blog/understanding-ransomware-as-a-service-raas/) business, it leverages encryptors such as Babuk and Ragnar Locker.

## State-backed Android spyware targets Russian users!

For the last three years, an unknown [threat actor](https://www.techtarget.com/searchsecurity/news/366587176/Threat-actor-targeting-Snowflake-database-customers) has been targeting Android smartphone users in Russia. The threat is known by the name of LianSpy. A **post-exploitation Trojan**, LianSpy is known for its ability to grow swiftly, unlike other spyware tools.

LianSpy was first identified in March 2024 . The Android spyware is highly dependent on user interaction. First, the [malware checks](https://www.sitelock.com/blog/check-website-for-malware/) if it has all the necessary permissions to carry out the malicious activities. If there’s a permission issue, it prompts the users accordingly. Once the malware gets the necessary permission, the next step involves registering the **Android Broadcast Receiver**. _The aim is to receive and respond to phone system events such as low battery, network, and booting_. After the launch, the malware conveniently removes its icon from the phone’s home screen and keeps operating in the background.

_LianSpy keeps prying into your daily smartphone activity. For example, it can easily keep a tab on your call logs_. Also, the [Android spyware](https://www.foxnews.com/tech/beware-new-android-malware-empties-your-bank-account-clears-your-device-completely) keeps recording your screen and gains smooth access to whatever messages you are sending or receiving\*\*.

LianSpy is not a \*\*one-of-its-kind malware attack. _There are other spyware tools such as Pegasus software, Intellexa Alliance’s predator, BadBazaar, SandStrike, and so on_.

LianSpy prefers to keep it slow and offbeat. So it leverages its root privileges in order to evade security setups . Also, it uses the [root privileges](https://phoenixnap.com/glossary/what-is-root-access) on compromised devices only. Apart from prying into your **call logs and messages**, the app also keeps a tab on your app lists.

[LianSpy](https://thehackernews.com/2024/08/new-android-spyware-lianspy-evades.html) is quite different from other financially motivated malware and simply focuses on targeted **data-gathering operations**.

## Sources

- [CISA Binding Operational Directive 18-01](https://www.cisa.gov/news-events/directives/bod-18-01)
- [Microsoft Outlook DMARC Enforcement May 2025](https://learn.microsoft.com/en-us/defender-office-365/email-authentication-dmarc-configure) (2025)
- [PCI DSS v4.0 - DMARC Requirement](https://www.pcisecuritystandards.org/) (2025)

## Topics

[ dkim ](/tags/dkim/)[ DMARC ](/tags/dmarc/)[ News ](/tags/news/)[ SPF ](/tags/spf/) 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead for DMARC Report's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Take control of your DMARC reports

Turn raw XML into actionable dashboards. Start free - no credit card required.

[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/) 

## Related Articles

[  Foundational 4m  Adidas Data Breach, Whatsapp Image Threat, Silent Ransom Vishing  May 29, 2025 ](/blog/adidas-data-breach-whatsapp-image-threat-silent-ransom-vishing/)[  Foundational 4m  Africa Fights Cybercrime, Attention Farmers Customers, Apple Prevents Threats  Aug 28, 2025 ](/blog/africa-fights-cybercrime-attention-farmers-customers-apple-prevents-threats/)[  Foundational 4m  AI Scam Alert, Federal Cuts Vulnerability, American Tire Cyberattack  Sep 9, 2025 ](/blog/ai-scam-alert-federal-cuts-vulnerability-american-tire-cyberattack/)[  Foundational 4m  Akira flaunts victims, Idaho targets orthodontist, AI granny protects  Nov 22, 2024 ](/blog/akira-flaunts-victims-idaho-targets-orthodontist-ai-granny-protects/)

```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Facebook Page Hijacking, $75m Ransom Payment, And State-Sponsored Spyware","description":"Fake AI photo-editor ads hijack Facebook pages, a Fortune 50 firm pays Dark Angels $75M ransom, and LianSpy spyware targets Android users in Russia.","url":"https://dmarcreport.com/blog/facebook-page-hijacking-75m-ransom-payment-and-state-sponsored-spyware/","datePublished":"2024-08-08T06:32:13.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2024-08-08T06:32:13.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://dmarcreport.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/facebook-page-hijacking-75m-ransom-payment-and-state-sponsored-spyware/"},"articleSection":"foundational","keywords":"dkim, DMARC, News, SPF","wordCount":1100,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Facebook Page Hijacking, $75m Ransom Payment, And State-Sponsored Spyware","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Facebook Page Hijacking, $75m Ransom Payment, And State-Sponsored Spyware","item":"https://dmarcreport.com/blog/facebook-page-hijacking-75m-ransom-payment-and-state-sponsored-spyware/"}]}
```