The vulnerability in the Facebook social network was closed in 2019, but cybercriminals managed through it to gain access to more than 500 million phone numbers of users. They are now for sale on the darknet forum. Those interested can view the database using a Telegram bot.
This activity was discovered by Alon Gal, one of the founders and CTO of the network security firm Hudson Rock. According to him, the emergence of a database of this size is of great concern, seriously threatens confidentiality and will be used for various kinds of illegal activities. What causes the main concern is the ease of access by anyone to 533 million records. A bot was created in Telegram, in which anyone can find a user’s phone number using their Facebook ID. Or, conversely, a Facebook account is located by phone number.
However, the information is not given free of charge. Each request will cost a fairly large amount of $ 20. This is how much the so-called loan costs. Cheaper by the dozen: 10,000 credits will cost $ 5,000.
The bot has been working since at least January 12th. While the data is current for 2019, most users now have the same phones attached as then. The existence of vulnerabilities was reported in the same 2019.
This is not the first time Facebook users regret entering too much personal information. In 2018, it was discovered that two-factor authentication is being used by Facebook to send targeted ads.