iDefense: 1.5 million Facebook accounts for sale


In a worrying development for Facebook users concerned about security, iDefense Labs has found a hacker offering 1.5 million Facebook user accounts for sale on an underground hacker forum.

The accounts are being offered by a user called Kirllos who was operating using the Russian language, VeriSign unit iDefense said in a statement on Thursday. iDefense was unable to verify whether the accounts are legitimate.

The accounts are priced at $25 (£16) per 1,000 accounts with 10 contacts or less, or $45 for 1,000 accounts with more than 10 contacts. iDefense estimated that Kirllos has so far sold around 700,000 accounts.

The incident underscores the growing security concern around Facebook, which has more than 400 million members worldwide. This particular case shows that cybercriminals are beginning to look beyond their own geographies to international platforms such as Facebook, iDefense said.

Facebook was unable to immediately confirm iDefense's report or whether the accounts in question were legitimate. However, a spokeswoman for the company told ZDNet UK that the site has security procedures in place for users who believe their accounts have been hacked.

People can report a hacked account via a Facebook web page. If they still have access to their account, they should reset their password using the "Forgot your password?" link, the company advised.

Facebook has acknowledged that hijacked accounts have been used for various attacks, including money transfer scams.

"The money transfer scam is characterised by cybercriminals using Facebook in an attempt to trick your friends into sending them money," the company said in a security document on its website. "Most frequently, these criminals will gain control of a Facebook account, and use the Chat or Status features to claim that you are stuck in a far away location and in need of financial assistance."

The company has provided a form where users who believe their accounts have been affected by the money transfer scam can enter their account information for further investigation.

In January, a security researcher warned that Facebook is susceptible to certain types of attacks that could allow someone to hijack an account while a user is interacting with another website. Researcher Nitesh Dhanjani also said a design flaw in Facebook is granting third-party apps permission to access user profile data without express approval from users.

Facebook has said it has systems in place for detecting and blocking access to links that are being used to launch such attacks on Facebook accounts.

Talkback

The big problem here is user apathy towards social network security. A recent piece of research to land on my desk suggested that the majority of users who were aware of the security issues surrounding Internet usage were inclined to sacrifice security for convenience when using social networks.

This is borne out by the number of people who quite happily pass over their Facebook or Twitter logins to some third party simply so they can play a pointless game, take part in a pointless quiz or generate some pointless stats. How much thought is given as to how safe that handing over of login data is, or if indeed the third party app is just a front for collecting those logins for malicious purposes?

Zilch, would seem to be the answer. There are plenty of processes in place which can secure third party login requests, but few users either know about them or care enough to check that the latest app/game/quiz is implementing them.

No wonder compromised accounts are available so cheaply.

Davey Winder 25 April, 2010 10:13 Reply

I really don't understand. Why do those people sell accounts from Facebook? And where are the buyers? masini

padurar2009 25 April, 2010 16:19 Reply

Simple. The account logins are sold in order to enable 'the bad guys' to exploit the networks of friends they lead to for the purpose of distributing malware and spam. It's a highly lucrative business; think of it as a way of buying into a trusted circle of unsuspecting contacts who are far more likely to click on a malicious link when it has been forwarded to them by one of their own instead of a complete stranger. As for the buyers, well, they are the usual suspects and can be found in the usual places. These sorts of logins command a certain value at underground black market crime websites and auction houses, the same places where you can rent a botnet by the hour, no questions asked, or purchase a ready-made Trojan kit, for example.

Davey Winder 26 April, 2010 11:06 Reply

And it's too bad that Facebook signed a deal with McAfee, meaning that if your account is compromised you HAVE to use McAfee security to scan your computer, even if it is not running Windows. Basically, if you have your account hacked, you have to use Windows before you can continue using Facebook.

Yargh 11 May, 2010 15:54 Reply
