- Scientists found a huge database on the dark web
- Threat actors claim to have scraped the abuse of a Facebook API
- Facebook says the database is years old
A hacker claims to have scraped 1.2 billion user posts from Facebook, including people’s names, locations and phone numbers. These are, according to CyberSecurity researchers, Cybergenws that recently discovered a new thread on a dark web forum and promoted the giant database.
In the thread, the threat actor claims to have generated a whole new database (rather than preparing information already available in the crustle water on the dark web) and that it contains user IDs, names, e -mail addresses, usernames, phone numbers, locations, birthday data and gender information.
Cybergenws’ researchers analyzed parts of the data and confirmed that it is legitimate (at least the parts they looked at). This means that the one who intervenes in this database can use the information found to launch very compelling phishing attacks, participate in identity theft and possibly even wire fraud.
Abuse of extensions
But there are other things to consider. First, Cygenws says that the claim of 1.2 billion user posts should be taken with a massive grain of salt for a number of reasons.
First, the threat actor was only released once before, so their reputation is questionable. Secondly, there has been a similar, but less leakage, in the latest history that caused the researchers to suggest that this may be the same archive, only packed again with a little extra information thrown.
The data was allegedly retrieved by abusing a Facebook API. Meta, the parent of the social media giant, did not deny it, but suggested that attackers are simple scammers trying to share an old database as something completely new.
“This is not a new claim. We revealed this year ago and have taken steps to prevent similar events from happening since,” a meta -spokesman told Cybergenws and shared a link to a company’s blog about how it fights scraping.
The researchers believe this could be one of the biggest data raps that have come from Facebook, and a testimony to the company’s poor sense of customer security and privacy:
“Repeated events show a pattern of reactive rather than proactive security measures, especially when it comes to protecting data that is publicly visible but still sensitive. The lack of stronger protective measures and transparency undermines confidence and leaves millions potentially exposed to phishing, scams, possibly identity theft and long -term privacy,” the team said. “
Via Cygenerws
