Researchers discover the hacking of 100 thousand Facebook accounts

Security researchers revealed that cybercriminals left a database exposed, which led to the discovery of a global attack that breached Facebook accounts and used them to deceive other users.

The researchers uncovered a large-scale global fraud targeting Facebook users after finding an unsecured database that the fraudsters used to store usernames and passwords for at least 100,000 victims.

The researchers said that the cybercriminals behind the fraud deceived Facebook victims into providing the login credentials for their accounts, using a tool that pretended to detect who was forging their personal files.

Then, “the fraudsters used the stolen login credentials to share unwanted comments on Facebook posts via the compromised victims’ accounts, with the aim of directing people to their network of fraud sites,” according to researchers at the information security company vpnMentor on Friday. “All of these sites eventually led to a fake Bitcoin trading platform used to trick people into getting deposits of at least 250 euros.”

The researchers said they have no evidence that any other malicious parties accessed the data or leaked it.

The unsecured Elasticsearch database contained about 5.5 gigabytes of data, comprising 13,521,774 records of at least 100,000 Facebook users. The database was open between June and September of this year; it was discovered on September 21 and closed on September 22.

The data in the exposed database included credentials, IP addresses, and text outlines of comments that the fraudsters may post on Facebook pages via the compromised accounts to direct people to suspicious and fraudulent websites. It also included PII (personally identifiable information), such as the emails, names and phone numbers of victims of the Bitcoin fraud.

To confirm that the database was active and authentic, the researchers said, they entered false credentials to log into a fraudulent web page and verified that they were recorded.
