Thursday, June 13, 2024

Hackers are Selling Private Messages From at least 81,000 Facebook Users’ Accounts

Hackers appear to have private messages of 81,000 Facebook compromised accounts reportedly stolen through rouge browser extension that monitors the conversations and send’s the data back to hackers.

According to BBC Russian Service, the hackers appear to have 120 million users accounts personal details and private conversations.

Hackers offering the data for less than 10 cents (8p) per account, most of the compromised user accounts based in Ukraine and Russia and few accounts from UK, US, Brazil and elsewhere.

“We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores,” said Facebook executive Guy Rosen.

Digital Shadow examined the compromised data that the sample data posted contains the private messages of 81,000 Facebook users.

“Data from a further 176,000 accounts was also made available, although some of the information including the email addresses and phone numbers, could have been scraped from members who had not hidden it,” reads BBC blog post.

BBC Russian service emailed to the advertised email address alongside the hacked details and posing as buyer interest.

The advertiser of the data confirmed the data was not associated with Cambridge Analytica scandal or the subsequent security breach revealed in September.

“We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts,” Rosen said.

Last October Facebook said that hackers accessed 29 million Facebook users data by the recent data breach and stolen users personal details such as Email and phone number and other data what compromised user had in their accounts.

Following to that hackers advertised stolen Facebook credentials between $3 and $12 and it can be purchased only through the bitcoin and bitcoin cash.


Latest articles

CISA Warns of Scammers Impersonating as CISA Employees

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a surge...

Microsoft Windows Ntqueryinformationtoken Flaw Let Attackers Escalate Privileges

Microsoft has disclosed a critical vulnerability identified as CVE-2024-30088.With a CVSS score of 8.8, this flaw affects Microsoft...

256,000+ Publicly Exposed Windows Servers Vulnerable to MSMQ RCE Flaw

Cybersecurity watchdog Shadowserver has identified 256,000+ publicly exposed servers vulnerable to a critical Remote...

Indian National Jailed For Hacked Servers Of Company That Fired Him

An Indian national was sentenced to two years and eight months in jail for...

JetBrains Warns of GitHub Plugin that Exposes Access Tokens

A critical vulnerability (CVE-2024-37051) in the JetBrains GitHub plugin for IntelliJ-based IDEs (2023.1 and...

Critical Flaw In Apple Ecosystems Let Attackers Gain Unauthorized Access

Hackers go for Apple due to its massive user base along with rich customers,...

Hackers Exploiting Linux SSH Services to Deploy Malware

SSH and RDP provide remote access to server machines (Linux and Windows respectively) for...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles