Did Russian Hackers Just Steal Private Messages From 81,000 Facebook Accounts?

  • Forbes | by: Davey Winder |
  • 2018-11-03
Russian hackers claim to have successfully stolen the profiles of up to 120 million Facebook users. The group have published the details of 257,000 of them in order to advertise the sale of the full database. According to a BBC report threat intelligence experts have confirmed that 81,000 of these samples included the private messages of Facebook users.

It's important to point out that currently there is no evidence to support the claims made by the hackers, on an internet forum known to be frequented by cyber-criminals, that 120 million account profiles have actually been stolen. All that can be said with any certainty at this stage is that at least some of the quarter of a million profiles exposed by the hackers appear to be genuine. The BBC worked with Digital Shadows, a cybersecurity company specializing in threat intelligence, whose experts confirmed that 81,000 of the profiles contained private messages. The remaining 176,000 accounts also appear to be genuine but the data they contained, such as email addresses and telephone numbers, could possibly have been scraped from public profiles rather than stolen by the hackers. This kind of 'padding out' of compromised account databases is far from uncommon as the bigger the database the higher the price it commands. With the teaser advert, which has now been taken down, asking just 10 cents per account the value of a bigger database becomes clear. However, the BBC Russian Service (most of the accounts are from Russian and Ukrainian users) successfully contacted five Russian Facebook users whose messages were published in the marketing teaser and they confirmed that the posts were, indeed, genuine.

Facebook denies that its security had been compromised, instead the blame seems to fall on the use of malicious browser extensions; it further states that steps have been taken to prevent any further accounts from being compromised. These steps include contacting browser vendors so that the malicious extensions, as yet unnamed, could be removed from their respective download stores. Law enforcement has also been informed, and the website that hosted the stolen messages advert taken down.

It's also worth pointing out, without wishing to start victim-shaming, that this compromise looks like being yet another example of Facebook users opening the door to threat actors by being unable to resist the temptation of some stupid add-on. Who can forget how Cambridge Analytica was able to harvest data from 87 million users simply by creating Facebook quizzes including a 'sex compass' questionnaire that people happily participated in. Of course, the blame doesn't lay with those users as they had no idea their data was being harvested for use during political campaigns. The blame is always firmly sat astride the shoulders of the threat actors themselves, with the browser platforms they use also having to mop up some of that guilt. Victims are just that. In this case it looks like they were using a browser extension that appeared innocent enough yet was acting as spyware and collecting data in the background.

It wouldn't be the first time that such extensions have been used to steal data from Facebook users. Last year Bleeping Computer reported that the Browse Secure extension for Google Chrome was doing just that in the background while the user was performing the encrypted searches it was installed for.

Comments

Privacy Policy

Did Russian Hackers Just Steal Private Messages From 81,000 Facebook Accounts? is dedicated to protecting consumer privacy on the Internet. Our practices are consistent with privacy guidelines established by eTrust.com.

Did Russian Hackers Just Steal Private Messages From 81,000 Facebook Accounts? does not require any personal information to obtain access to our website.

Did Russian Hackers Just Steal Private Messages From 81,000 Facebook Accounts? does require limited personal information including name and mailing address from individuals wishing to join as members. Additional information such as e-mail address and phone number may also be requested in order that we may contact members in a timely manner on issues related to our mission.

You will only receive e-mail from us if you request to be added to our e-mail list. You may revise or remove your e-mail address from our files at any time.

Did Russian Hackers Just Steal Private Messages From 81,000 Facebook Accounts? uses "cookie" technology to obtain non-personal information from our online visitors, such as browser/computer type, number of visitors, and site usage. We do not use cookies to extract personal information.

Our website contains links to other sites, but Did Russian Hackers Just Steal Private Messages From 81,000 Facebook Accounts? does not necessarily advocate, support or condone the privacy practices or content of these websites.

Did Russian Hackers Just Steal Private Messages From 81,000 Facebook Accounts? makes all information received from our online visitors as secure as possible against unauthorized access and use. All information is protected by state-of-the-art security technology.

Did Russian Hackers Just Steal Private Messages From 81,000 Facebook Accounts? respects the individual privacy rights and concerns of visitors to our website. We support meaningful self-regulation of the Internet to ensure that responsible organizations maintain the right to use all communications media to interact with the public.