Private Facebook messages being sold on the internet

Issue appears to be with a malicious browser extension

Andrew Griffin
Friday 02 November 2018 17:07

People's private Facebook messages are being sold on the internet for anyone to read.

Tens of thousands of people's secret chats are being traded without their knowledge, according to a BBC report.

In all, at least 81,000 people's messages are being swapped online, the report claimed. Many of them came from Ukraine and Russia, but many more besides were from users in the UK, the US, Brazil and elsewhere.

Compromised accounts that were caught up in the hack are being sold for just $0.10 each, according to the report.

The leak does not appear to have come from Facebook itself, despite a series of data scandals. Instead, it appears to have been the consequence of malicious browser extensions, which install themselves onto people's computers and are then able to watch their activity and break into their accounts.

The hackers claimed to have access to 120 million accounts, but they appear to have been exaggerating the scale of the attack. However, the hackers showed some evidence of having the messages of some 81,000 people, a number of which were checked with account holders and confirmed to be genuine.

Facebook said it had contacted browser companies to ensure that the malicious extensions were no longer used. But it advised its users to check the extensions they have installed and remove any that might be malicious.

“Based on our investigation so far, we believe this information was obtained through malicious browser extensions installed off of Facebook,” Guy Rosen, Facebook's vice president of product management, said in a statement emailed to a number of outlets.

“We have contacted browser makers to ensure that known malicious extensions are no longer available to download in their stores and to share information that could help identify additional extensions that may be related,” Rosen said. “We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts.”

“We encourage people to check the browser extensions they’ve installed and remove any that they don’t fully trust. As we continue to investigate, we will take action to secure people’s accounts as appropriate.”
