Facebook messages from at least 81,000 accounts hacked & offered for sale online
A new report from the BBC claim that Facebook Messenger has been hacked, with conversations associated with over 81,000 accounts stolen. These messages were then apparently offered for sale via several websites, one of which was tracked to Russia.
The BBC had the security company Digital Shadows confirm this theft by analyzing the 'samples' posted on these websites. Digital Shadows also corroborated the 81,000 figure, and reported that one of these sites, tracked to St. Petersburg, also distributed the LokiBot trojan to its users. The users affected are reportedly mostly located in Ukraine or Russia. However, others are from countries such as the US, UK or Brazil.
BBC reporters acting as customers for this message data spoke to its apparent seller. This individual, going under the name John Smith in an English-language chat, claimed to have hacked an additional 176,000 profiles. However, the data on them could have been scraped from publicly-available information.
Facebook may not have been aware of this situation, as the message data was alleged to have been stolen via a browser extension. However, the company now says that it is taking measures to protect further profiles from this hack.