Category Archives: Facebook

Facebook is the world's No.1 social networking leader. It is also the most hacked. With billions of users in the world, it is the one that all hackers are trying to crack.

Internet users put to the test by data leaks

Last April, 533 million Internet users, especially Facebook users, saw their personal information circulated on the web.

This file contained important information such as phone numbers and email addresses: the essentials for launching a mass phishing campaign and other malicious cyber activities of that kind.


According to a computer security specialist named David Sygula, "the Facebook file includes phone numbers, but on the other hand few email addresses – about 111,000 for France, or 0.5% of the Internet users in the file – so email attacks are already a little less likely."

This massive data leak draws attention to an obvious reality that we have known for a very long time but still neglect: cyber criminals are constantly on the move and are after our data to hurt us. In the face of this situation, one must be careful, especially when receiving a text message or email from an unknown sender. The obvious advice is simply not to open it.

Internet users often wonder how to find out whether their data is in circulation. There are platforms for that. For example, the haveibeenpwned.com website lets you know if email addresses or phone numbers belonging to you are part of databases exchanged by hackers. The platform has a fairly reliable reputation among cybersecurity professionals. There is also another platform, this time French, Zataz.com, which offers paid monitoring services in this area for individuals.

However, the warning remains the same: do not trust just any online platform with your personal data. You run the risk of having it resold. For example, Jean-Jacques Latour, the head of the French platform cybermalveillance.gouv.fr, has always shown distrust of platforms such as haveIbeenpwned. "There's no guarantee of completeness" and "it might scare you for not much," in his view.

But you should know that if you had already registered your phone number on Facebook before 2019, there is a good chance that you are one of those 533 million Internet users, about 20 million of them French, whose information is being sold on a hacker forum.

"The trap you can expect is to get a fake SMS saying hello it's Facebook, we've detected a weird connection on your account and inviting you to click on a link," says David Sygula, an analyst at CybelAngel, a data leak tracking company.

"You don't ask yourself any questions, you click on the link… and you are trapped, with the risk of being robbed of sensitive information, such as passwords or access codes, or of having spyware implanted on your device," he adds.

Moreover, Facebook's data leak should not be seen as exceptional. In practice, the Facebook file "is nothing compared to the mass of stolen data that hackers constantly exchange or resell," explains Damien Bancal, who runs the site Zataz.com.

"Last night, in four hours, I was able to access more than 150 different databases, giving private information that is sometimes very well segmented," he explains. "I have a shop that sells data from vehicle owners: names, first names, addresses, license plates, vehicle registration data," he says. The level of confidentiality of the information, the size of the files and the freshness of the data can all determine the value of what is traded. Every detail counts.

In practice, an email address does not cost much. From "a few cents per email address to a few hundred euros for the 15-20 million address pack," says Damien Bancal. "A list of email addresses of 40,000 addresses of company bosses (…) can be worth 500 to 1000 euros (550 to 1100 francs)," notes David Sygula.


Would Facebook have been the victim of a data leak?

A database of personal data from Facebook was recently discovered, freely accessible on the internet.

This database contains hundreds of millions of phone numbers and other personal information. According to the information received, this is personal data that leaked because of a security breach that was corrected in 2019. "These are old data that had already been leaked to the media in 2019. We found and repaired this problem in August 2019," a spokesman for the popular social network said at the time.


Specifically, 533 million Facebook users are affected by this huge data leak. The main data exposed are telephone numbers directly linked to the accounts of the individuals concerned. This situation highlights the amount of data collected by the American giant, not to mention its security vulnerabilities.

The information in the database is: "Phone number, Facebook ID, full name, location, past location, date of birth, (sometimes) email address, account creation date, relationship status, biography. Bad actors will certainly use the information for social engineering, scamming, hacking and marketing," Alon Gal, the technical director of Hudson Rock, a cybercrime agency, explained on Twitter.

The database was discovered by the American online media outlet Business Insider, according to which the information it contains comes from 106 countries. It is believed to have been in circulation for several months. It was then put back online on the hacker forum "raidsforum.com."

Unfortunately for Facebook's reputation, this kind of disclosure is not a first. Back in 2018, the scandal linked to the political firm Cambridge Analytica prompted Facebook to remove the feature that made it possible to find the Facebook profile of an acquaintance through their phone number, because millions of records had been used to study users.

Among the numbers in the database is that of Mark Zuckerberg himself.

"As for the #FacebookLeak, out of the 533 million people in the leak – the irony is that Mark Zuckerberg is unfortunately also included in the leak.

If journalists are having trouble getting a statement from Facebook, maybe give it a call, such in the leak? 📞," Walker jokes.

Once again, Facebook's reputation will suffer. On the users' side, it is recommended to put protective measures in place so that cybercriminals do not benefit from this new wave of freely circulating personal data. Activating two-factor authentication is therefore a necessity. Users should also make sure that they have not been hacked and, if possible, completely change the passwords they use. Beyond that, vigilance is called for on all fronts.


Facebook faces European justice

The European justice system will have to decide in a few weeks' time whether certain actions of the world's largest social network are legal.

At issue is the sharing of users' personal data between the U.S. company and its subsidiaries.


The referral to the European Court of Justice follows a request from the provincial court in Dusseldorf, Germany. Its purpose is to ask the European body to rule on questions of interpretation of the General Data Protection Regulation with regard to Facebook's sharing of user data with affiliated platforms such as WhatsApp and Instagram. This issue seems to be of particular interest to several state agencies, such as Ireland's equivalent of the CNIL.

"This is a new episode that opens with the sharing of users' personal data between Facebook and its subsidiaries, WhatsApp and Instagram. The Provincial Court in Dusseldorf, Germany, has finally decided to refer the question of the legality of this sharing to the European Court of Justice," says Alice Vitard, IT journalist.

The issues in this case date back to February 2019. It was then that the Federal Anti-Cartel Office, known as the Bundeskartellamt, an institution equivalent to the competition authority in France, found that Facebook, the world's largest social network, does not give its users enough information about the scope of the data cross-referencing it carries out with other branches of its group, including Instagram and WhatsApp.

Since Facebook has not clearly specified the process and scope of this cross-referencing of data, it cannot be validated simply by having users accept the terms of use when opening an account on one of the applications. The German authority considered at the time that this could constitute an abuse of a dominant position on Facebook's part, because it allows the social network to run a targeted advertising service effective enough to leave its competition behind.

In this context, the German competition authority required the social network to review the content of its terms of use and to ensure that they comply with the provisions of the General Data Protection Regulation. Facebook, for its part, appealed to the provincial court in Dusseldorf. The German court, having heard the matter, overturned the initial decision of the competition authority. Seized by an appeal from the German competition authority, the Supreme Court sided with the latter and then referred the case back to the judges of the provincial court in Dusseldorf. Faced with this situation, the judges then asked the European Court of Justice to give its view on the interpretation of the General Data Protection Regulation in this case. "The question of whether Facebook is abusing its dominant position as a supplier in the German social networking market, because it collects and uses the data of its users in violation of the GDPR, cannot be decided without referring it to the ECJ," the court said.

This situation seems to please Facebook, even though nothing has been decided yet and nothing is yet in its favor. "Today, the court in Dusseldorf expressed doubts about the legality of the Bundeskartellamt's order and decided to forward the questions to the ECJ," a Facebook spokesperson said. "We believe that the Federal Cartel Office has misrepresented European law."

One thing is certain: given the circumstances and the scope of the matter, the decisions of the judges of the European Court of Justice will of course set a precedent.

It should also be mentioned that several other institutions around the world are keen to take this case and compare it with their own legislation on the protection of users' personal data.


Facebook: Data leak exposes hundreds of millions of phone numbers

Recently, it was discovered that millions of phone numbers were being sold openly on Telegram.

These phone numbers reportedly come from Facebook; in other words, they are numbers linked to users' accounts, leaked through a security flaw. Computer security researchers have found that the sale is organized by a bot.

The events took place this week. The world's largest social network is once again called into question over the way it manages its users' personal data. This may cost it more than the last case, involving its famous WhatsApp messaging service, which cost it millions of users.


Facebook is regularly singled out for the various security vulnerabilities that expose its users' data, and this case confirms it once again. Hundreds of millions of phone numbers are now at the mercy of cyber criminals. According to a Twitter post by computer security expert Alon Gal, the security flaw discussed here dates back to 2019 and has reportedly been resolved since then. However, hackers managed to exploit it, exposing nearly 533 million Facebook accounts according to the expert.

"In early 2020 a vulnerability that enabled seeing the phone number linked to every Facebook account was exploited, creating a database containing the information 533m users across all countries. It was severely under-reported and today the database became much more worrisome," Alon Gal's Twitter account read on January 14.

In practice, the security flaw allowed an attacker to collect the phone numbers associated with Facebook accounts. The result is a very sensitive database, which unfortunately is now being sold on Telegram.

"It is very worrying to see a database of this size being sold in cybercrime communities, it seriously infringes our privacy and will certainly be used for smishing [SMS fraud] and other fraudulent activities by bad actors," says Alon Gal, interviewed by Motherboard.

The various observations established that a program is responsible for selling the phone numbers stolen via the security flaw. This program also gives the number of accounts affected per country. On the French side, more than 19.8 million accounts are directly affected. According to the computer security researcher, the program selling the data stolen from Facebook has been active since the second half of January.


A scam victim on Facebook's Marketplace: more than €10,000 extorted

In the world of cybercrime, one technique is particularly popular with hackers.

This is, of course, the well-known technique of phishing. Whatever one says, it remains relevant and continues to work. Unfortunately, no one is spared, not even regular internet users. Recently, a 60-year-old Belgian woman from the town of Ganshoren was hit hard by this despicable practice.


Despite all the awareness and information campaigns on phishing, the population remains poorly informed and exposed to this practice. The 60-year-old Belgian was unfortunately the victim of a scam that cost her a tidy sum of money.

“I lost 10,300 euros,” says the victim.

The events began in December 2020, when the victim tried to sell a piece of furniture on Facebook. “I tried to sell a small nightstand for 25 euros,” says the Ganshoren resident. “I go on it several times a day. And the Market Place, I use it regularly to sell something.” When asked, she described herself as a fairly cautious person on social media. Unfortunately, these precautions were not enough in this case. “On the same day, a lady who says her name is Marianne Jamotte on Facebook came forward,” says the Belgian, who claims to have done what she usually does.

That is, check the profile of the person who contacted her. “I looked at his profile a little bit, he looked perfectly normal, even comforting.” Several exchanges then began between the 60-year-old Belgian and the crook posing as Marianne. Communication took place mainly on Facebook Messenger. “She was speaking in good French, there was nothing suspicious. At the end of the transaction, when I wanted to call her, she said she couldn’t pick up, and then she lost her mobile phone.”

The scammer, however, was running a fairly classic type of scam: the DPD account scam. The attitude of the person at the other end began to look suspicious when she offered to send the money via a DPD Express account. The problem was that Christine did not know this type of scam, which relies mainly on international or domestic delivery companies.

“I told him that I didn’t know this method, but I wanted to try it. She told me that she had made the payment to DPD Express, and that they were going to pick up the package, and give me the money. But since I didn’t have an account yet, she told me I was going to get an email to open an account. I received it within a minute,” says Christine. A few minutes later, she receives an email. The victim “thinks that it is indeed from DPD Express” despite several elements that could have made her realize the opposite, such as the email address ending in gmail.com. “The email tells me that I received 25 euros, and that I have to open an account by clicking on the link.”

Looking back, she says there were several alarm bells that should have made her realize she was being ripped off. Unfortunately: “Alarm bells every time, which I overstepped.” According to Christine, one of the first signs that should have caught her attention: “this is the site to which the link pointed: it wasn’t very clean, it was blurry, the colors were difficult to read.” On the website: “I had to enter my ING account number, and my customer number.” After this procedure, she received a call that supposedly came from DPD Express. The person on the phone asked her to fetch her bank card and her card reader to confirm her account.

The victim said that, for a moment, such a request gave her pause. “I kind of quipped because the gentleman on the phone had a strong African accent.” She is referring to a widespread phenomenon, that of the famous novelists known in French-speaking Africa. But at the time she told herself “that there are a lot of foreign workers in the transport companies”, which is not surprising given the situation. “I haven’t stopped, I don’t understand why.” Unfortunately for her, within the next few minutes her bank account would be debited by more than 10,000 euros. “He told me to put my card in my reader, press Identify, and give me the code. Then he asked me several times for codes. He told me not to open my ING banking application, because it could cause problems in the transaction.” After transmitting more than 3 codes, the victim, now curious, opened the ING application. That is where she noticed some rather unexpected movements on her bank account.

She then said to her interlocutor, “Sir, you are busy emptying my account!” The person at the other end of the line replied, “No, ma’am, trust me, don’t worry, stay calm, I’ll pay you back this amount, it’s because there’s a problem with the transaction.” He then asked her to put the card through the reader again. The victim responded: “I tell him that if he has to pay me, I must not sign. He told me to trust him, otherwise I was going to lose my money. And I signed again, and he charged me twice 3650 euros.”

“I feel like I’ve been hypnotized. I don’t understand why: I was reacting well by telling my interlocutor that he was emptying my accounts, and saying that I shouldn’t sign, but I didn’t stop. When I hung up, I collapsed.”

After pulling herself together, she immediately contacted the police to file a complaint, and also informed her bank. “A fraud case has been opened with ING. They told me they were going to try to get the money back. Some had gone into PayPal accounts in Singapore, they told me it was going to be difficult. But the last two large amounts went into an account in France, and they were trying to get them back because the regulations are the same as in Belgium.”
