A Telegram bot is selling stolen Facebook user information for $20 each


The phone numbers (and corresponding website IDs) of nearly 500 million Facebook users now appear to be for sale on a cybercrime forum on the dark web.

The criminal or group of criminals responsible built a Telegram bot to serve as a search function for the data. Potential buyers can now use the bot to dig through the data and find the phone numbers that match user IDs – or vice versa – with all the information being unlocked after paying the “credits” for the query. These credits start at $20 for a single query and become cheaper if purchased in bulk.

The activity was discovered by Alon Gal, co-founder and CTO of cybersecurity company Hudson Rock, who posted about the scheme on his Twitter account, and was reported by Joseph Cox at Motherboard.

An insecure Facebook server containing account information for millions of users appears to be the source of the data for sale here – although this vulnerability was discovered by researchers in 2019 and Facebook has since fixed it. Gal said the vulnerability was exploited to create “a database containing information from 533 million users in all countries”. (For unknown reasons, the bot itself claims to sell information to users in 19 countries.)

“It is very worrying to see a database of this size being sold in cybercrime communities; it seriously damages our privacy and will certainly be used for defamation and other fraudulent activities by criminals,” Gal told Motherboard. “It is important that Facebook notify its users of this breach so that they are less likely to be victims of different attempts by hackers and social engineering,” he added. We contacted Facebook to comment and will update if we receive a response.

Telegram bots, which were built to be customizable, have been increasingly involved in cyber fraud, albeit in slightly different ways from this scenario. Recently, a report by researchers found that bots were being used in a scam-as-a-service scheme, in which criminals were able to automate communications with potential phishing victims. Likewise, a BuzzFeed report from several years ago showed that bots were being used by Bitcoin scammers to lure victims into obscure online pump-and-dump schemes.
