A analysis workforce at vpnMentor has lately discovered a possible rip-off that may have stolen login credentials and bank card particulars of a whole lot of hundreds of Fb customers. The VPN service supplier mentioned that it discovered the rip-off by an unsecured database that was utilized by the hackers to retailer the non-public knowledge of 100,000s Fb customers.
The hackers reportedly used a quite common trick, the place they provide customers on the platform a software to seek out out who lately visited their profiles. Susceptible Fb customers, with out figuring out that it’s a entice, fall into it and disclose their non-public data resembling login credentials and cost credentials.
Victims’ Fb accounts have been accessed by hackers utilizing the stolen login credentials. They went on to put up spam feedback through these accounts, directing individuals to quite a lot of pretend Bitcoin buying and selling platforms, a quite common apply amongst on-line fraudsters nowadays (Twitter confronted a BitCoin cyberattack earlier this yr as nicely). These pretend Bitcoin buying and selling web sites dupe individuals into paying ‘deposits’ of round 250 Euros.
The unsecured Elasticsearch server that was found contained 13.5 million data that amounted to over 5.5GB of knowledge. These data included Fb login credentials (usernames and passwords) of 150,000 to 200,000 Fb customers; outlines for feedback that the hackers would use to trick individuals right into a Bitcoin rip-off; Personally Identifiable Data (PII) knowledge resembling emails, names, and telephone numbers from customers who had landed on the Bitcoin web page; and domains for the web sites used within the rip-off.
The unsecured database was first found on 21st September 2020 by vpnMentor’s analysis workforce. The VPN service wasted no time and instantly reported the case to Fb the identical day. On 22 September, the database was worn out following a Meow cyberattack.
vpnMentor mentioned in its weblog, “Sometimes, the extent of a data breach and the database’s owner is obvious, and the issue is quickly resolved. But rare are these times. Most often, it takes days of investigating before we understand what’s at stake or who’s leaking the data. In this case, the incident didn’t originate from Facebook. The exposed database belonged to a 3rd party using it to process Facebook account login credentials obtained illegally via a group of scam websites targeting the social network’s users.”
vpnMentor claims that the data within the database have been collected throughout the time interval of June to September 2020. Nonetheless, it additionally says that the majority most likely the operation was extra intensive and was being carried out for a far longer time.