A hacker is selling more than 500 million phone numbers of Facebook users through a Telegram bot, according to Motherboard.
Alon Gal, co-founder and CTO of cybersecurity firm Hudson Rock, who alerted Motherboard to the breach, says the data originated from a 2019 Facebook vulnerability.
Gal tweeted that the vulnerability was exploited in early 2020, allowing an attacker to see the phone number linked to each affected Facebook account. He added that the breach that allowed the hacker to access the account information of 533 million Facebook users was not reported at the time it happened.
The Telegram bot allows you to match the IDs and phone numbers of 533 million Facebook users
Motherboard says the Telegram bot claims to have information for Facebook users in the US, Canada, the UK, Australia, and more than a dozen other countries.
“A few days ago, a user created a Telegram bot that allows users to query the database for a low fee, allowing people to find the phone numbers linked to a large portion of Facebook accounts,” Gal tweeted.
The Telegram bot allows a person with a Facebook user ID to find the corresponding phone number. Similarly, a searcher could find the user's ID if they already have the mobile number of the Facebook user. The bot displays redacted information to free users, but a searcher could pay to see the complete information.
The owner of the Telegram bot charges one credit, worth $20, to view the results of a single search, while bulk buyers can purchase 10,000 credits for $5,000.
According to screenshots shared by Gal, Motherboard says the Telegram bot has been in operation since January 12, 2021.
Upon launch, the Telegram bot displays the message: “The bot helps find out the cell phone numbers of Facebook users.”
Authenticity of Facebook user information confirmed
Motherboard tested the bot and confirmed that the breached data was authentic even for users who hid their number from their public profile. This implies that Facebook users who activated two-factor authentication for account recovery could also see their phone numbers exposed through the Telegram bot.
Worse still, the Telegram bot allows interested parties to easily access Facebook user information without the need for technical knowledge. This makes the data widely accessible to potentially more threat actors.
Gal said that the sale of such a large amount of information severely affected the privacy of Facebook users and exposed them to possible fraudulent activities by bad actors.
It was unclear if Motherboard contacted Telegram to remove the bot. Although the Telegram bot could be removed, the hackers still have the data and could still find other channels to sell the information of Facebook users. However, turning off the Telegram bot reduces the spread of illegally obtained information.
When contacted by Motherboard, Facebook said the information was leaked before the contact vulnerability was fixed and new IDs were created. The social media giant said it tested the Telegram bot with more recent data from Facebook and received no results. Even if Facebook's claims were true, accurate information from millions of Facebook users was still circulating.
Exposing mobile phone numbers and corresponding account IDs leaves Facebook users open to potential targeted phishing attacks on the social network, and to vishing and smishing via mobile.