[ad_1]
Facebook
Inc.
FB 0.40%
estimates that hackers who had access to the private information of 30 million of its users were spammers seeking to earn money through misleading advertising, according to people close to the internal investigation of the 39; company.
Preliminary findings suggest that hackers are not affiliated with a nation-state, the people said.
Facebook's security team has been investigating this incident since September 25, after discovering that a person was downloading a large amount of digital access tokens onto the social network.
During several public meetings on the incident, the company refused to say who was behind the attack, which it describes as a greater security breach in its history. At the first announcement of the attack, Facebook officials said that they might never discover the identity of the hackers.
Internal researchers now believe that the perpetrators of this attack are a group of spammers on Facebook and Instagram who present themselves as a digital marketing company and whose activities were previously known to Facebook's security team, said the familiar. with the investigation.
Facebook had previously indicated that he was working closely with the Federal Bureau of Investigation on a criminal investigation into the incident.
The incident immediately raised questions about the motivation of hackers, in part because Russian and Iranian agents used social media, including Facebook, to harm the United States. Other countries, including North Korea and China, have already been charged. cyberattacks for various purposes.
Stolen Tokens are digital keys that allow hackers to access any part of a user's Facebook account. They would be of great help to state-sponsored attackers who seek to spy, security researchers say.
However, Facebook's internal investigation suggests that the hackers' goal was financial, not ideological, people said.
Hackers only accessed a limited subset of data they could have taken, Facebook said last week. Instead of accessing personal messages, they accessed contact information, including phone numbers and email addresses, as well as about sex, relationship status, and search and search data. 39, registration belonging to 14 million users. For 15 million additional users, only names and contacts were consulted; and the attackers did not obtain personal information from one million people affected by the violation.
Hackers were able to access accounts by exploiting a vulnerability in Facebook's "show as" feature, which allows users to see how their profile is presented to others. Three obscure bugs in the Facebook code allowed the strangers to steal the data, making it a complicated attack to execute.
The incident is one of the latest setbacks for the social media giant, who has been criticized for mismanaging a two-year Russian influence operation on its platform and for failing to protect shared user data with third-party developers years ago.
On Friday, a Facebook official repeatedly refused to reveal the details of the author of the violation, citing Facebook's cooperation with the FBI. "They are actively investigating this with us and they have asked us not to say who might be behind this attack or what their intentions might be," said Guy Rosen, vice president of Facebook, who oversees the company's efforts in security matter.
Write to Robert McMillan at [email protected] and Deepa Seetharaman at [email protected]
Source link