Hackers publish private messages from at least 81,000 Facebook accounts, Rogue Browser extension blamed


According to a BBC report, hackers are said to have compromised and published private messages from at least 81,000 Facebook users’ accounts. The perpetrators said that they had details from a total of 120 million accounts, which they were attempting to sell. However, Facebook says that its security has not been compromised.

The accounts and the data related to them have probably been obtained through malicious browser extensions. Facebook added that it had taken steps to prevent further accounts being affected. The compromised accounts are based in Ukraine and Russia; however, some are from the UK, US, Brazil and elsewhere. The hackers offered to sell access for 10 cents per account.

The breach first came to light in September, when a post from a user nicknamed FBSaler appeared on an English-language internet forum. The user wrote “we sell personal information of Facebook users. Our database includes 120 million accounts.” The BBC was able to independently confirm that more than 81,000 of the profiles posted online as a sample contained private messages.

Data from a further 176,000 accounts was also made available; however, some of the information – including email addresses and phone numbers – could have been scraped from members who had not hidden it. One of the websites where the data had been published appeared to have been set up in St Petersburg. Its IP address has also been flagged by the Cybercrime Tracker service.

Extensions for browsers such as Chrome, Opera and Firefox are believed to be the main culprits. According to Facebook, it was one such extension that quietly monitored victims’ activity on the platform and sent personal details and private conversations back to the hackers. However, the hack has nothing to do with the Cambridge Analytica scandal or the subsequent security breach revealed in September.

Guy Rosen, a Facebook executive, said in a statement:

“We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores. We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts.”