Recently hacked Facebook accounts were reportedly being sold via the dark web for only around $3 to $12, according to The Independent. Users looking to purchase these compromised social media accounts were able to pay for them with cryptocurrency.
This news has come shortly after a large-scale security breach (last month) during which the private information of about 50 million Facebook users was obtained. Hackers had reportedly been able to exploit a vulnerability that allowed them to gain access to and steal users’ “access tokens.”
These tokens are like digital keys that allow Facebook users to access their accounts as they help verify and authenticate login credentials. Additionally, these “access tokens” contain other sensitive user data.
Hacked Accounts On Sale For Cryptocurrency
At the time of the security breach, Facebook said there was no evidence that the compromised accounts had actually been used by the hackers. However, as mentioned, these accounts were being sold through a dark web marketplace called Dream Market, in exchange for bitcoin (BTC), bitcoin cash (BCH), monero (XMR), among other cryptocurrencies.
The Dream Market has some of the same design features as mainstream internet retailers such as Amazon and eBay. For instance, it has a similar rating system and allows buyers to connect with a large pool of established sellers.
Although it now appears that the dark web seller has removed the listing, the value of Facebook’s large number of compromised accounts and sensitive data has been estimated to be between the range of $150 million to $600 million.
Commenting on the hack, Facebook CEO Mark Zuckerberg said:
We face constant attacks from people who want to take over accounts or steal information around the world… The reality is we need to continue developing new tools to prevent this from happening in the first place.
Bitcoin ATM Malware, Leaked Hotel Data Records
As CryptoGlobe reported in August, a hacker described by cybersecurity firm Trend Micro as “an established and respected” dark web seller had developed a bitcoin ATM (BTM) malware program and had been selling it for $25,000 via secret online forums.
The seller’s listing noted that the BTM malware came with a ready-to-use card which had EMV support (short for Europay, MasterCard, and Visa). It also reportedly supported NFC transactions which allows users to make payments from their smartphones. By using the malware, users would have been able to steal up to 6,750 in British pounds (GBP), Euros, or USD – each time they used the exploitative program.
CryptoGlobe also reported in late August that 130 million leaked hotel data records were being sold for bitcoin (BTC) via China’s dark web. The hacker had managed to steal the large amount of private user data from the Huazhu Hotel Group, one of the largest Chinese hotel management companies.