Final sale: Private messages from 81,000 hacked Facebook accounts for 10 cents each
CALIFORNIA – November 2, 2018
Hackers appear to have compromised and published private messages from at least 81,000 Facebook users’ accounts. Quite a large percentage of the victims are in Russia and Ukraine.
The perpetrators told the BBC Russian Service that they had details from a total of 120 million accounts, which they were attempting to sell, although there are reasons to be skeptical about that figure.
Facebook reported that its security had not been compromised. It is likely that hackers have obtained data through malicious browser extensions. Facebook also added that it has taken steps to prevent further accounts being affected.
According to the BBC, at the beginning of September a user nicknamed FBSaler posted on the English-language internet forum Blackhatworld about the sale of personal information of Facebook users.
“We sell personal information of Facebook users. Our database includes 120 million accounts,” the user wrote. “The cost of one account is 10 cents,” he wrote, giving a link to the site Fbserver as confirmation, which laid out part of the information as an example of what is at stake.
The BBC learned many of the users whose details have been compromised are based in Ukraine and Russia. However, some are from the UK, US, Brazil and elsewhere.
The cyber-security company Digital Shadows examined the claim on behalf of the BBC and confirmed that more than 81,000 of the profiles posted online as a sample contained private messages.
Data from a further 176,000 accounts was also made available, although some of the information — including email addresses and phone numbers — could have been scraped from members who had not hidden it.
The BBC writes that the cause of the leak could be malicious browser extensions that were disguised as bookmark managers, puzzle games and so on. They were distributed for Chrome, Opera and Firefox.
According to Facebook, such extensions secretly monitor user activity on the social network while sending private conversations to cybercriminals.
Independent cyber-experts have told the BBC that if rogue extensions were indeed the cause, the browsers’ developers might share some responsibility for failing to vet the programs, assuming they were distributed via their marketplaces.
But the hack is still bad news for Facebook.
The embattled network has had a terrible year for data security and questions will be asked about whether it is proactive enough in responding to situations like this that affect large numbers of people.
The BBC Russian Service emailed the address listed alongside the hacked details, posing as a buyer interested in buying two million accounts’ details.
The advertiser was asked whether the breached accounts were the same as those involved in either the Cambridge Analytica scandal or the subsequent security breach revealed in September.
The BBC contacted five people who confirmed the private messages were theirs.
A reply in English came from someone calling himself John Smith, saying the information had nothing to do with either data leak.
He claimed that his hacking group could offer data from 120 million users, of whom 2.7 million were Russians.
But Digital Shadows told the BBC that this claim was doubtful because it was unlikely Facebook would have missed such a large breach.
John Smith did not explain why he had not advertised his services more widely.
And when asked whether the leaks were linked to the Russian state or to the Internet Research Agency — a group of hackers linked to the Kremlin — he replied: “No.”