Private Messages From 81,000 Hacked Facebook Users Are For Sale On The Dark Web

02/11/2018

Facebook is by far the largest social media around. The company has more personal insights and information than any other companies in history, which has enabled it to create a highly effective ad targeting system.

According to a report from BBC, a hacker group managed to get their hands on private messages from more than 81,000 Facebook users' accounts, while they claim to have access to 120 million profiles. The hackers are trying to sell the information on the dark web.

"We sell personal information of Facebook users. Our database includes 120 million accounts," the hacker wrote, selling access to them for 10 cents per account.

Facebook, has reportedly been investigating the breach since September, when a post from a user nicknamed FBSaler appeared on an English-language internet forum.

In a sample of the database, the data includes messages, photos, etc..

Facebook private messages hacked
The BBC Russian Service contacted Russian Facebook users whose private messages had been uploaded and confirmed the posts were theirs

The company said that its security measures have not been compromised. And if the hacked data is legitimate, the hackers may have accessed them through "malicious browser extensions" that stole users' personal information.

Facebook said that it has made some steps to prevent further accounts being affected.

"We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores," said Facebook executive Guy Rosen, explaining that it was one such extension that quietly monitored victims' activity on the platform and sent personal details and private conversations back to the hackers.

"We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts."

According to independent cyber-experts, if malicious browser extensions were indeed the cause, the browsers' developers might share some responsibility for failing to vet the programs, assuming they were distributed via their marketplaces.

The BBC has commissioned a research with cybersecurity company Digital Shadows to analyze this, and suggested that the stolen data is for real. Many of the users whose details have been compromised are based in Ukraine and Russia, with others coming from the UK, U.S., Brazil and elsewhere.

But the Digital Shadows also said that the claim was doubtful because it was unlikely Facebook would have missed such a large breach.

The hack is bad news for Facebook, especially since it has had terrible years, which include the famous Cambridge Analytica scandal, the Russian interference in U.S. election, and the more recent account breach that affected 50 million users.