16 Nov Scammers Expose Facebook Data Haul of 13 Million Records
Security researchers have uncovered a major Facebook scam exploiting hundreds of thousands of users, after the scammers left an Elasticsearch server unsecured.
Among the 5.5GB haul discovered by vpnMentor on September 21, was 150,000-200,000 Facebook usernames and passwords, and personal info including emails, names and phone numbers for hundreds of thousands who had fallen victim to a Bitcoin scam.
The two datasets are part of the same operation: the first group were tricked into handing over their account log-ins by a fake app promising to reveal who had recently visited their profile. With these log-ins, the scammers hijacked the victims’ accounts and posted comments on their Facebook posts, with links directing individuals to a Bitcoin fraud scheme.
In total, the exposed database contained 13.5 million records, also including domains used in the scheme and text outlines related to the Facebook comments the fraudsters would post.
Although the data came from a relatively short window, June-September 2020, there are fears the scheme may have originally been much bigger. At the time it was registered by Shodan, the database contained 11GB of data relating to the scheme, rather than 5.5GB, meaning many more victims may have been affected.
The database was then wiped by the Meow attack the day after vpnMentor discovered it. New data immediately started to appear again before those in charge finally secured the server.
With access to users’ Facebook accounts, the cyber-criminals behind this campaign have a highly monetizable resource for posting malicious links to scams, launching follow-on phishing or identity fraud attempts, blackmail and credential stuffing of other accounts, vpnMentor warned.
“If you’re a Facebook user and think you’ve been a victim of this fraud, change your login credentials immediately. Furthermore, if you reused your Facebook password on any other accounts, change it immediately to protect them from hacking,” the firm said.
“We recommend using a password generator to create unique, strong passwords for every private account you have, and changing them periodically. Never provide usernames and passwords for Facebook, email or financial accounts to external websites.”
We’re Synium IT, how can we help?
Our aim is to become a seamless and invaluable part of your team – so you can be sure of exceptional service and a proactive, friendly and jargon-free approach to IT.
Synium IT provides the full range of IT support services to organisations throughout the West Midlands. Our approach is to deliver the very best IT Support services to our clients for great value for money, with no contract tie-in. Allowing you to experience the benefits of your own IT support partner without any risk.
Contact us today on 0121 663 0203 to find out more about how we can help.
News Source: https://www.infosecurity-magazine.com/