Facebook private messages hacked from thousands of accounts.
Saga of Facebook data breach continues as Russian hackers blamed.
An investigation has revealed that Russian hackers are selling private messages from 81,000 Facebook accounts online. Apparently, the messages were posted on a forum by hackers claiming to have access to the personal data of 120 million accounts. The data is being offered at 8p per profile, according to the BBC. Facebook private messages hacked included “intimate correspondence between two lovers”, the BBC reported. Facebook denies that hackers breached the security of its servers. Instead the tech firm blames users who installed malicious web browser extensions that can store private messages. The perpetrators told the BBC Russian Service that they had details from 120 million Facebook accounts, which they were attempting to sell. Although this figure have not yet been verified.
Facebook Private Messages Hacked – For Sale!
One advert states:
We sell personal information of Facebook users. Our database includes 120 million accounts…
However, according to BBC News, only 81,000 accounts had been stolen. Joseph Carson, chief security scientist at Thycotic, commented that hackers are likely to have exaggerated the amount of data they are holding.
It is very unlikely that the cybercriminals have all the private message for 120 million accounts,” he said. “It is however, more likely that the published list of 81,000 accounts is all that the cybercriminals have, and they are looking to cause disruption and fear.
In a statement sent to Newsweek, citing executive Guy Rosen, Facebook said:
Based on our investigation so far, we believe this information was obtained through malicious browser extensions installed off of Facebook.
Facebook declined to elaborate on which extension could have been responsible for covertly sending account information to the hackers.
Hack Linked to Russia
According to BBC News, the platform where the data was posted appears to have Russian links. It is attached to a St. Petersburg based IP address. The IP address was also flagged by the Cybercrime Tracker service. It reported that the address had been used to spread the LokiBot Trojan, which allows attackers to access user passwords. The sale of the intercepted messages comes as Facebook attempts to recover from two separate privacy scandals this year. In September Facebook admitted that it had suffered a security breach, exposing the data of 50 million users. However, no evidence was found to confirm that any private messages or passwords were revealed in the hack. The attack enabled hackers to exploit a number of loopholes in the social network, to obtain profile information. Earlier this year the social network was fined £500,000 by the Information Commissioner’s Office. The ICO said Facebook allowed a ‘personality app’ to access personal data from November 2013. The app was created by Dr Aleksandr Kogan, the data scientist behind Cambridge Analytica. As well as the 300,000 people who installed the app, the app was able to harvest information of 87 million people around the world. Sources and credits: BBC News, The Telegraph, Newsweek