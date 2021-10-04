After the blackout, 1.5 billion data from Facebook users are sold by criminals

The day is not being the best for Facebook. In addition to the fact that its entire ecosystem is down due to a still-unknown global flaw, information that popped up on the web this Monday afternoon (4) indicates that data from more than 1.5 billion users of the social network have been sold on a popular cybercrime forum on the dark web.

Apparently, this data is not related to the Facebook leak that occurred at the beginning of 2021, on what 500 millions of users were exposed — and there are doubts if there is a connection with the “blackout” that also happens this Monday. The fact is that, coincidentally or not, this information became available for sale just after the disappearance of the social network ecosystem on the web.

Post on the cybercriminal forum announcing the data. (Image: Reproduction/Privacy Affairs)

According to the posts made on the forum, the following user data are being made available.

  • Name
  • Email
  • Location
  • Gender
  • Phone number
  • User ID

    According to the Privacy Affairs website, samples of the information provided in the posts indicate that the data is real. Also according to Privacy Affairs, one million Facebook accounts cost US$5,000 (about R$ 13, 3000 at the current price). And although the post is from September, the activities related to this database only gained movement this Monday afternoon. Some Twitter accounts even considered an invasion of Facebook, but, as we can see below, this possibility is initially ruled out.

    🚨BREAKING🚨

    Data of over 1.5 billion Facebook users is being sold on a popular hacking-related forum. Data contains users’ names, emails, phone numbers, locations, gender, and user ID.

    It appears $FB was hacked.

— unusual_whales (@unusual_whales) October 4, 2016

The Privacy Affairs site also crossed the sample of data available in the post with those of previous Facebook leaks, and found no similar occurrences, potentially meaning this is a completely new incident.

Data was not obtained by hacking

512654

Criminals explaining how they got the information. (Image: Reproduction/Privacy Affairs)

The sellers claim that this data was not obtained from hacking, but rather by data scrapping (“data scraping”, in free translation). This method consists of using robots to collect data that Internet users themselves, knowingly or not, configure as public.

According to the criminals, the “data scraping” was performed from polls, which when answered, sent user information to the poll creator, or even by accessing profiles configured to display all information publicly.

It is recommended that Facebook users do not make their profiles completely public to avoid this type of data collection. Furthermore, it is suggested that polls offered by unknown companies or developers be avoided, as there is a high chance they are part of criminal schemes.

No accounts have been compromised, as the passwords are not among the data being sold. But with information such as phone number and location available, the overall security of these users can be compromised. Criminals can use data such as name, email, location, and phone number to target cyber hijacking (ransomware), phishing, pharming, and social engineering scams more easily.

Source: Privacy Affairs

