Hackers are selling stolen Facebook logins on the dark web for as little as $3
Facebook accounts are being sold on the dark web for as low as $3, reports The Independent. This news comes shortly after a massive security breach that exposed data of approximately 50 million of Facebook users last month.
Hackers had exploited the security flaw and stolen “access tokens”, which is equivalent of digital keys that keep users logged into their accounts and include users’ sensitive data. However, the company back then claimed that it did not find any evidence of Facebook Logins being used by hackers.
But now, these stolen Facebook logins are being sold on the dark web for as little as $3 with the most expensive being sold for $12. Value of the entire stolen data has been estimated to be around $150 million and $600 million.
According to The Independent, dozens of listings for sale were noticed on the dark web marketplace, Dream Market, which use a similar rating system to other online retailers like Amazon and eBay to verify its vendors. Interested buyers can purchase the account login details through cryptocurrencies such as bitcoins.
Basically, the access tokens allow users to stay logged into Facebook apps on smartphones even when they close them. However, the hackers can misuse it to take control of user accounts, or for cybercriminal crimes such as identity theft, credit card fraud, spam and fraud emails, or even blackmailing.
Facebook CEO Mark Zuckerberg in a post to Facebook last week said: “We face constant attacks from people who want to take over accounts or steal information around the world… The reality is we need to continue developing new tools to prevent this from happening in the first place.”
As a precautionary measure, Facebook has taken down the “view as” feature, known as a privacy tool to let users see how their profiles look to other people. In short, how their information is displayed to friends or friends of friends or to anyone.