At least 81,000 Facebook accounts have been hacked and are for sale on the internet
A new scandal hit Facebook on Thursday (1): According to a BBC discovery, at least 81,000 user accounts have been stolen by Russian hackers, and that figure could reach as high as 120 million.
The first signs of this security breach came in September, when a user named FBSaler posted an English-language forum (which sold Facebook user profiles) that had a database of 120 million users.
Internet security firm Digital Shadows examined the sample of the user's sample at the BBC's request and found that the sample's 81,000 accounts contained private messages that could not be accessed by legal methods by anyone, confirming that all accounts were hacked there. Among the information disclosed, there were talks about a show by the band Depeche Mode, complaints from a user about the son-in-law and even spicy talk between two lovers.
She also noted that while most of the sample profiles were from users in Russia and Ukraine, there were accounts from all regions of the world, including countries like the United States, England and even Brazil.
The accounts were sold for ten cents each, but since Digital Shadows began the investigation, the post where those accounts were sold was erased. But before that, the BBC Russia team was able to e-mail the seller of those accounts, which confirmed that the accounts on sale were not the same as those affected by the Cambridge Analytica scandal months ago, or the theft of tokens that occurred in late September, ensuring that the group had access to 120 million user accounts worldwide, and 2.7 million of those accounts would be Russian users. When asked whether the group was connected to the Russian government or had any connection with the Internet Research Agency (the hacker group that has links with the Russian government), the answer was no.
Despite denials of involvement with the Russian government, one of the websites where account information was posted could be traced from St Petersburg and uses an IP address that Cybercrime Tracker says has already been used in the past to spread the word. LokiBot Trojan, a virus that allows cybercriminals to access password data from computer users.
Although 120 million accounts are alarming, Digital Shadow believes it is only a bluff to catch the attention of potential buyers, claiming that it would not be possible for a company like Facebook, which since the scandal with Cambridge Analytica has been redobrada attention with the security of the data of its users, would not be perceived an theft of accounts of this magnitude.
Asked about the case, Facebook guarantees that it has not suffered any kind of invasion on its servers from where this information in private messages may have been stolen, and believed that this information was accessed through extensions installed in users' browsers that took prints of the screen and automatically sent them to the servers of these cybercriminals.
The company also said that it is already working with local authorities to remove the sites that provided account information, and has already contacted the developers of major browsers so they can remove the extensions used in the theft accounts.
Facebook claims that this time has no blame for stealing the accounts and if the theft was done even through browser extensions, the company will really be free of blame in this case, and who should take their share of responsibility are the developers of browsers, which allowed programs with malicious intent to be provided in their stores.
Even so, this is already the third major controversy involving user data that hits Facebook this year alone, making it the hardest year for the Zuckerberg company since 2018 since it became one of the technology market giants - and certainly this new "frill" is expected to further dampen public confidence in the world's largest social network.