Are Browser Extensions to Blame for Last Years Facebook Hack?
Hackers are selling private messages from 81,000 Facebook accounts online, according to BBC report.
Facebook claims that there has been no security breach, and says that the messages were probably scraped up by browser extensions that have accessed content during normal browsing sessions.
The BBC reported in November that hackers claim to have private account details from 120 million Facebook users, although they haven’t been able to show conclusive proof of such high numbers. They have posted thousands of samples to prove that the hack has occurred.
Facebook says it’s put measures in place to prevent any further breach of sensitive data.
PMs For Sale
Hackers appear to have successfully gathered private details from more than 81,000 Facebook accounts, according to researchers who have viewed a sample of their files. They are attempting to sell the data at a cost of around 8p per account, although the adverts they posted online have been removed.
According to researchers, a further 176,000 account details were being offered for sale alongside this initial set. Researchers couldn’t determine whether the information in these 176,000 accounts was hacked, or simply made public on the users’ profile pages and scraped up from there.
Tracing the IP address of the online ads, it’s believed that the hackers are based in Russia, but they deny any links to the authorities there.
Facebook strongly rejects claims that there’s been a breach of its website security. It says it’s informed the browser extensions that are to blame for the data scraping, but has declined to name them in the media.
Do You Trust Your Browser?
This disclosure of yet more personal data proves that we’re constantly at risk when we’re online. Even if Facebook is completely innocent of any wrongdoing, it is possible that a rogue extension has captured data as users browse.
It’s a stark reminder that we need to secure the devices and software we use, rather than focusing solely on the security of the sites we access.
A rogue browser extension is a perfect example of a compromised environment that appears to be secure. We’ve seen many cases of browser extensions capturing browsing histories, for example, and selling this data to third parties. Details of this kind of data capture can be buried in long privacy policies that users rarely read.
There are reports that the IP addresses associated with this data dump are also associated with a password-stealing trojan called LokiBot. So the hackers may have had multiple attacks going on at the same time.
There’s no way to vet every single browser extension you use, and even reputable extensions have been known to change their terms and introduce undesirable features without many users realising. However, it is worth auditing the extensions you’ve got installed and removing any that you don’t recognise or use.
TotalAV will protect our users however we can, Click HERE to find out how we can protect your computer, laptop and mobile devices from Malware and Viruses Today!