Security researchers revealed that a database left exposed by cybercriminals led to the discovery of a global attack in which Facebook accounts were compromised and used to deceive others.
The researchers uncovered a large-scale global fraud targeting Facebook users after finding an unsecured database used by the fraudsters to store the usernames and passwords of at least 100,000 victims.
The researchers said the cybercriminals behind the fraud tricked Facebook users into providing the login credentials for their accounts by using a tool that claimed to reveal who was visiting their profiles.
According to researchers at the information security company vpnMentor, “The fraudsters used the stolen login credentials to share unwanted comments on Facebook posts via the compromised victims’ accounts, to direct people to their network of fraud sites. These sites eventually led to a fake bitcoin trading platform used to trick people into making deposits of at least 250 euros.”
The researchers said they have no evidence that other parties accessed or leaked the data.
The unsecured Elasticsearch database held about 5.5 gigabytes of data, comprising 13,521,774 records for at least 100,000 Facebook users. The database was open between June and September of the current year, and was discovered on September 21.
The exposed database included credentials, IP addresses, and text outlines of comments that the fraudsters could post on Facebook pages via the compromised accounts, directing people to suspicious and fraudulent websites. It also included Personally Identifiable Information (PII), such as the emails, names, and phone numbers of the victims defrauded in the Bitcoin scam.
To confirm that the database was active and authentic, the researchers said, they entered false credentials on one of the fraudulent login pages and verified that they had been recorded.