Hackers have reportedly accessed and posted personal Facebook messages from at least 81,000 user accounts. While the social media giant has denied any security breach at its end this time, the leaks seem to have been caused by malicious browser extensions. Reports suggest that private data of as many as 120 million Facebook users could be at risk.
While Facebook has not specifically named the suspected malicious extensions behind the attack, the social media company has stated that the data leak is not its fault, a report by the BBC Russian Service said.
According to the report, perpetrators behind this data leak claim to have access to details from 120 million accounts which they are planning to sell. The report said that the affected accounts could be from the United States, United Kingdom, Russia, Brazil, Ukraine and other parts of the world.
Facebook has said that necessary steps are being taken to prevent more accounts from falling to the hackers. “We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores. We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts,” Facebook executive Guy Rosen was quoted as saying by the BBC.
The breach was first detected in September, when an advertisement by one FBSaler appeared on an internet forum, offering to sell personal information on Facebook users. The people behind the advert claimed to have access to 120 million user accounts. The 81,000 profiles posted online as a sample contained private messages, the BBC report said. The BBC Russian Service even contacted five Russian accounts whose private messages were published online and confirmed that the posts were theirs.
One of the websites where the data from hacked accounts had been published seems to have been set up in St Petersburg. The IP address of this website has also been flagged by the Cybercrime Tracker service as it had been used to spread the LokiBot Trojan, which allows attackers to gain access to user passwords, the report said.
On contacting the address in the advertisement, the BBC Russian Service found out that the 120 million Facebook accounts were not part of the Cambridge Analytica scandal or the recent massive data leak in September. This raises doubt over the number of affected accounts being quoted, as Facebook would have noticed such a massive data breach, the report said.
The data breach seems to have been caused by some malicious browser extensions which quietly monitored victims’ activity on the platform and sent personal details and private conversations back to the hackers. This puts the browsers’ developers in the wrong for not vetting the programmes in their store.