The personal information of more than 500 million Facebook users has been given up for sale. The information contains phone numbers and even site IDs of these Facebook users. It appears that a telegram bot is selling the data for $20 per sale. This sale is linked with the cybercrime forum of the dark web, and it is tough to avoid misuse of your data.
There is no concrete evidence pointing towards any specific individual or group involved in the sale of Facebook user info. However, it is suspected that a group of hackers on the internet is responsible. This group has created a telegram bot to go through user IDs and find related phone numbers. The opposite can also be done as the bot can connect available phone numbers to corresponding Facebook IDs. This criminal group can give telegram bot to potential buyers to check and find Facebook user information.
How Is the Sale Being Conducted?
Even if you are not very active on Facebook, the personal data you used to create the account will be available. The process that is being used to sell Facebook user information is listed below.
- A Facebook server that is non-secured is the site of the sale. Personal data of about 533 million Facebook users are uploaded to this server.
- A telegram bot has been created that allows potential buyers to sift through available user IDs.
- The sellers require a fee to be paid ($20) before getting to use the bot. Buyers have to pay $20 per search. If they decide to search more, then the amount will increase.
- Once the entire payment has been made, the “credits” will be made available to the buyer.
Alon Gal, the co-founder, and CTO of Hudson Rock, a firm dealing in cybersecurity services discovered this scheme. He posted on his Twitter account. Joseph Cox from Motherboard also reported about this. The scheme seems very dangerous as the bot can easily collect the data of millions of Facebook users and even allow buyers to find user IDs and phone numbers convenient for them.
Now while this is being done with the information of Facebook users, it can be easily done with other social media platforms. With bots, the activity cannot be traced very easily. Therefore, it will be very difficult to stop the theft of data before it is too late. Well, if you are active on this social media platform then you should take precautions to not engage in any suspicious activity.
In 2019, similar activity was found by researchers. A non-secured Facebook server was used to provide numbers and site IDs of various users and sell to buyers online. However, Facebook was able to shut down this activity. This time no such action has been taken yet. The telegraph bot is continuing to sell user info to buyers in more than 19 countries. Cybercrime has surged in recent years and no personal data is truly protected. Therefore, you should take as many precautions as possible to avoid misuse and theft.