researchers found the ElasticSearch database on the Internet, which contains data from more than 100,000 compromised Facebook accounts.
vpnMentor researchers found an ElasticSearch database on the internet that contained archives of more than 100,000 compromised Facebook accounts. The archives were used by fraudsters as part of a global hacking campaign against users of social networks.
We discovered a scam using an unsecured database used by fraudsters to store the personal data of 100,000 of their victims. Read the review published by vpnMentor
Scammers have defrauded Facebook users by providing them with details of their personal accounts with a tool that allegedly reveals who is visiting their profiles.
Fraudsters have used stolen credentials to access Facebook accounts and exchange spam comments in messages. All comments ultimately led to the use of the fake Bitcoin trading platform to cheat people with deposits of at least €250.
With links to fake news sites, fraudsters hoped to bypass Facebook scams and confuse them with robot detection tools, the investigators said. If the compromised accounts still contained the same links to the Bitcoin scam, they would quickly be blocked by the social network.
Fraudsters have tricked Facebook users into revealing their account details by giving them a tool that claims to reveal who visited their profile. Personally Identifiable Information (PII) in the repository included emails, names, and phone numbers of victims who registered on a fraudulent Bitcoin website that is also managed by fraudsters. Experts have also found dozens of areas used by scammers in this scam.
The archives also contain technical information on how cybercriminals have automated their processes.
It is not clear whether there is access to open data or whether it has been disclosed by other third parties.
The size of the archive was over 5.5 GB and contained a total of 13,521,774 objects. It remained open from June to September this year. According to experts, at least 100,000 users have been identified in the Facebook scam.
vpnMentor emphasized that Facebook accounts were not compromised, the database opened was owned by a third party who used it to process accounts obtained illegally by a group of fraudulent websites targeting Facebook users.
The researchers informed the social network about their discovery, they also confirmed that the database was real.
The day after the discovery of the unsecured database, she was most likely the target of a Meow attack in which her data was erased and failed. Since July, experts have observed dozens of unprotected cases of Elasticsearch and MongoDB, which were found on the network and inexplicably removed by the person posing the threat, as part of a campaign followed as a Meow attack.
If you are a Facebook user and think you are the victim of this scam, change your login details immediately.
If you have re-used your Facebook password on other accounts, change it immediately to protect them from hacker attacks. We recommend that you use a password generator to create unique and secure passwords for each personal account you have and change them regularly.
Below the investigation period :
- The database is open: 21. September 2020
- Date of contact on Facebook : 21. September 2020.
- The database server is closed* : 22. September 2020
Pierluigi Paganini
(Security issues – Hacking, fraud)
Part
Related Tags:
facebook scammer list 2020,how to report facebook frauds,facebook scammer profiles,facebook messenger link scamming thousands,seniors group for social security,where to report financial abuse of elderly,laws against taking advantage of the elderly,most common spam emails,mediavod,scammer letter full trust love,scammed online how to get money back,how to tell if someone is scamming you online