Private messages stolen from 81,000 Facebook accounts are on sale

If you remember, about a month ago, hackers exploited a loophole in the Facebook code allowing them to steal access tokens of about 50 million accounts, the biggest theft of data from the company's history.

Although Facebook stated that the number was actually less than the number initially stated, the stolen data included personal information such as phone numbers, email addresses, work, gender, religious affiliation and even the types of devices used to access the site.

Now, it seems that another group is peddling Facebook information online. No, it does not seem to be related to past violations such as the Cambridge Analytica fiasco or the recent data leak.

This is a brand new scheme that jeopardizes the private information of thousands of people.

Private Facebook messages for sale

Hackers would sell stolen private messages to at least 81,000 Facebook user accounts.

First reported by the BBC, the majority of the compromised accounts seem to belong to Facebook users based in Ukraine and Russia, but there are also some in the United Kingdom, the United States, Brazil and Japan. Other countries.

In addition, hackers also claimed to have 120 million Facebook accounts and offer them for sale at 10 cents per account.

Based on the review of cyber security firm Digital Shadows, the BBC confirmed that the 81,000 accounts published as sample contained private messages. Five Russian Facebook users also confirmed that some of their private messages were part of the sample.

Another set of data including the e-mail addresses and phone numbers of 176,000 accounts was also put on sale, but these may have been simply exploited by Facebook users who declared them public.

Interestingly, one of the sites where the data was published seems to have been created in St. Petersburg, which further strengthens its Russian origins.

This is not the fault of Facebook?

The BBC report stated that Facebook's security had not been compromised and that the data was likely being exploited via malicious browser extensions.

These browser extensions or add-ons are usually disguised as shopping assistants, bookmarking tools and games, and are available on Chrome and Firefox.

Although Facebook did not name the malicious extensions, the company said that a particular extension was monitoring the activity of Facebook users in the background, and then sending personal information and private messages to pirates.

The social media giant also added that he had taken steps to prevent other accounts from being affected

"We have contacted the browser makers to make sure that the known malicious extensions are no longer available for download in their stores," Facebook manager Guy Rosen told BBC.

"We also contacted law enforcement and worked with local authorities to remove the website posting Facebook account information," he added.

Check your browser extensions

As a precaution and to protect you from this type of hacking, it is recommended to check the extensions and add-ons of your browser and remove, disable or uninstall those you do not know and do not fully trust.

How to remove Chrome extensions

Here's how to uninstall a Chrome extension:

1. In your Chrome browser, click on the three vertical dots in the upper right corner.
2. Fly overMore tools"and then click Extensions.
3. You will now be directed to a page with all your extensions installed.
4. To delete an extension, click on its trash icon (on the right).
5. Click on Remove in the popup window to confirm.

How to remove Firefox add-ons

Here are the steps to disable or remove a Firefox extension or add-in:

1. On your Firefox browser, click on the three horizontal lines in the upper right corner.
2. Click on Add-ons.
3. On the new "about: addons" that opens, click on "Extensions" in the left menu bar.
4. Select the add-on or extension that you want to disable.
5. Click on its deactivation button.
6. Restart your Firefox browser.

International hotel chain victim of massive data breach – has your data been compromised?

If you have stayed in this chain, read on! This massive data breach stole names, addresses, email, phone, reward card numbers and more. You will not believe how this information was disclosed. I'll tell you how you can make sure your data is safe.

Tap or click to see if this hack could have affected you.