CyberNews Briefs

267 million Facebook profiles sold for $600 on the dark web

Security researcher Bob Diachenko discovered 267 million Facebook profiles being sold on dark web sites and hacker forums for over $600 apiece. Diachenko uncovered the stolen account credentials for sale last month. However, none of the records include passwords, instead containing information that could allow attackers to conduct spear-phishing or SMS attacks.

Diachenko found an open Elasticsearch database that contained the records, most of which included information on US users. The records included a full name, phone number, and a unique Facebook ID. The database has since been taken offline by the ISP hosting it after they were contacted by Diachenko. However, a new server containing the same data plus an additional 42 million records was found and promptly attacked by threat actors who left a message warning owners to secure their servers.

Read More: 267 million Facebook profiles sold for $600 on the dark web

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.