A Telegram Bot Is Selling Stolen Facebook User Information for $20 Per Pop


Photo: THOMAS SAMSON / AFP (Getty Images)

The phone numbers (and corresponding site IDs) of about 500 million Facebook users now appear to be for sale on a dark internet cybercrime forum.

The criminal or group of criminals responsible has built a Telegram bot to act as a search function for the data. Potential buyers can use the bot to search the data for phone numbers that match user IDs, or vice versa, and unlock the full information after paying for "credits". These credits start at $20 for a single search and become cheaper when purchased in bulk.

The activity was discovered by Alon Gal, co-founder and CTO of the cybersecurity firm Hudson Rock, who posted about the scheme on his Twitter account, and was reported by Joseph Cox of Motherboard.

An insecure Facebook server with account information on millions of users appears to be the source of the data for sale here, though the vulnerability was discovered in 2019 by researchers and Facebook has since corrected it. Gal claimed that the vulnerability was used to create a database containing 533 million users in all countries. (For unknown reasons, the bot itself claims to only sell information to users in 19 countries.)

“It is very worrying to see that a database of this size is being sold in cybercrime communities, it is infringing on our privacy and will definitely be used for bad actors to deceive others,” Gal told Motherboard. “It is important that Facebook notifies its users of this violation so that they are less likely to fall victim to various attempts at hacking and social engineering,” he added. We contacted Facebook for comment and will update when we hear back.

Telegram bots, which are built to be customizable, have increasingly been involved in cyber fraud, albeit in a slightly different way than in this scenario. Recently, a report by researchers found that the bots were used in a scam-as-a-service scheme, in which criminals could automate communication with potential phishing victims. A Buzzfeed report from several years ago also showed that the bots were used by Bitcoin scammers to lure victims into shady online pump-and-dump schemes.
