Hackers are selling more than 267 million Facebook profiles on dark web and hacker forums for $623. These records contain information that could let attackers perform spear phishing or SMS attacks to steal credentials. However, no passwords are included.
Security researcher Bob Diachenko found the open Elasticsearch database, which contained more than 267 million Facebook records, last month; most of the users are from the United States.
Most of the records included the user's full name, phone number, and unique Facebook ID.
The ISP hosting the database took the server offline after being contacted by Diachenko. But soon, another server containing the same data plus an additional 42 million records was brought online, and it was immediately attacked by unknown attackers who left a message telling the owners to secure their servers.
16.8 million records from the new data included more details such as a Facebook user’s email address, birth date, and gender.
Even though the owner of the server is not known, the researcher believed it is likely to be owned by a criminal organization that stole the data either through the Facebook API before it was locked down or by scraping public profiles.
Cybersecurity intelligence firm Cyble found a threat actor selling this database for $623 on the dark web and through hacking forums. They purchased the database to verify the data and are adding it to their http://AmIbreached.com breach notification service.
Cyble CEO Beenu Arora said they do not know how the data got leaked and believe it might be due to a leak in a third-party API or to scraping.
Even though the database being sold does not contain Facebook passwords, it contains email addresses and phone numbers of some users. Using these, attackers can create spear-phishing campaigns to steal passwords through email or SMS messages impersonating Facebook.
Users are likely to fall for such phishing messages, especially if they contain personal details such as dates of birth and phone numbers.
Users are strongly advised to strengthen the privacy settings on their Facebook accounts and to be vigilant about unsolicited emails and messages.