A malicious browser extension might be behind this huge compromise of around 81,000 Facebook accounts which were put on the dark web for sale, according to reports.
Those behind this attach has told the BBC Russian Service that they have around 120 million accounts access too, although this has been branded “unlikely” by Digital Shadow, whose researchers were called into investigation.
The “FBSaler” who provides the total dataset to the reporters of around 257,000 profiles of which around 81,000 accounts are certain to have been hacked, as this compromise do includes the private messages. The remaining 176,000 may have simply had their profile info such as the names, address, contact number and the interests taken because accounts were left wide open by the users.
Well, these accounts are not linked with the Cambridge Analytica scandal, or the more recent breach of 30 million accounts which has occurred after the attackers obtained access tokens.
“The method used to obtain the accounts remains unconfirmed, though Facebook believe malicious browser extensions could have been used. Facebook have still not been definitive about this, though it said it had contacted browser makers to ensure that known malicious extensions are no longer available to download in their stores,” said Digital Shadows.
“A rogue survey application as used by Kogan is known to have worked in the past; however, account takeovers achieved through credential harvesters, for example, are also a possibility. While a variety of separate breaches may have been used to compile the dataset, it is more likely a single approach was used given the consistency of the data in the dump.”
In this hack the largest amount of profiles around (30%) which are of Ukraine, followed by Russia (9%), although the users from the US, UK and the Brazil are also said to be in this hack.
“Regardless of attribution, motives and the method of collection, the exposure of private messages where people share information they would not usually post publicly on their Facebook feeds is a potentially worrying development,” the firm warned. “Sensitive information may be used for extortion of identity fraud, while it’s not unheard of for individuals to share financial information such as banking details over private messages.”
These accounts were officially available for sale for around $0.10 each on the BlackHat SEO forum, although the report has claimed that the advert has since taken down, according to the BBC.