[ad_1]
A new report might make you think twice before installing that next Chrome extension. The private Facebook messages of at least 81,000 people have reportedly been stolen, probably due to an exploit in a browser extension, and are compromised accounts for just $ 0.10 apiece.
The BBC reports that a shady group has reached the top of the list of claimants, dubiously, is 120 million accounts. This hack apparently has nothing to do with the most recent hack of Facebook. The hackers, who may be BBC Russian Service, appear to have more than 81,000 people, mostly of Russians and Ukrainians, but also of people in the US, UK, and Brazil, according to the BBC.
Facebook commented, "We have contacted browser-makers to make sure that we know about them." The company has also reportedly contacted 10 cents per account for the price of roughly 10 cents per account.
Security firm Digital Shadows helped BBC analyze the data and make the attackers use a browser exploit. Aim Rick Holland, Digital Shadows' Chief Information Officer and Vice President of Strategy, told Gizmodo that they still do not know what browser extension or extensions might be responsible.
"Browsers like Chrome can be very secure, but browser extensions can have serious gaps in their armor. The addition of browser extensions is a small surface attack. Malicious extensions can be used to intercept and manipulate the data passing through the browser, "Holland said.
"Sadly, make the browser go like this," he continued, "and the management of browser extensions is a challenge for cybersecurity that makes things much worse."
Why the difference between the hackers 120 million accounts and perhaps just 81,000 accounts, according to Digital Shadows? Much of the information from the 120 million accounts may be just scraped from the public. But the stolen private messages sure look legit. The BBC contacted five Facebook users and confirmed that Facebook messages being offered for sale were real.
Many of the messages are relatively simple and include a few chats about going on vacation and attending concerts. But as you expect, there are also more sensitive discussions, including "intimate correspondence between two lovers," as the BBC describes it.
So, this one does not appear to be Facebook's fault, but it's still not great news for the scandal-plagued social network. Between the September Data breaches and the impact of the 29 million users-the ongoing rash of fake news and failed moderation efforts, and Facebook's complicity in genocide, it's no wonder that more people are deleting Facebook from their phones. But if you have any private messages on the service, you may want to consider deleting those as well. They could end up being offered for pennies-assuming they have not been published already.
[BBC]