Symantec now says that Thrip is likely another threat group — known Billbug or Lotus Blossom — that has been operating against targets in South Asia for approximately a decade.

In recent years the group has compromised organizations in the U.S., Europe, and Japan.

The specific identification of Nic Gabunada, former chief executive of Omnicom Media Group Philippines, marks a departure for Facebook in its efforts against "coordinated inauthentic behavior."

A Citizen Lab researcher, Bill Marczak, was also targeted during the course of the investigation.

Sensitive Philippine government documents acquired by a hacker group with suspected ties to the Vietnamese government have been floating on the public internet, according to evidence gathered by CyberScoop.