Facebook (FB.O) said the group, known in the security industry as SideCopy, shared links to websites hosting malware which could surveil people's devices, reported Reuters news agency.

Targets included people connected to the government, military and law enforcement in Kabul, it said.

Facebook told the British news agency that it removed SideCopy from its platform in August.

Facebook said the group created fictitious personas of young women as "romantic lures" to build trust and trick targets into clicking phishing links or downloading malicious chat apps.

"It's always difficult for us to speculate as to the end goal of the threat actor," Facebook's head of cyber espionage investigations, Mike Dvilyanski told Reuters.

"We don't know exactly who was compromised or what the end result of that was," Mike Dvilyanski said.

Major online platforms and email providers including Facebook, Twitter Inc (TWTR.N), Alphabet Inc's (GOOGL.O) Google and Microsoft Corp's (MSFT.O) LinkedIn have said they took steps to lock down Afghan users' accounts during the Taliban's swift takeover of the country this past summer, reports Reuters.

The Taliban captured power in Afghanistan in swift pace after foreign forces started leaving the country.

The Taliban entered Kabul on Aug 15 and took control over the country.