Feeds

Facebook hack service smells fishy

Supposed hackers may be scamming the terminally nosey

Securing Web Applications Made Simple and Scalable

Eastern European hackers are offering to crack into any Facebook account for a fee of $100, payable online through Western Union, though circumstantial evidence suggests that the scheme might just as easily be geared towards ripping-off potential clients while delivering nothing.

The Facebook hacking service, offered by Ukrainian hackers via a domain registered in Moscow, offers to provide clients with the login and password credentials of any account. Potential clients are offered a money-back promise in cases where a targeted profile (which might belong to celebrities, politicians, or well-known companies as well as ordinary users) proves unhackable.

Screenshots from the supposed service, obtained by Panda Security, can be found here.

Hackers claim they've been offering the service for four years, during which time they've enjoyed a 99 per cent success rate. However, the domain via which the service is offered is only a few days old, raising doubts about the authenticity of the service.

"The system’s real purpose may be hacking Facebook accounts as they say, or profiting from those that want to try the service," said Luis Corrons, Technical Director of PandaLabs. "In any case, the Web page is very well designed. It is easy to contract the service and become, either the victim of an online fraud, or a cyber-criminal and accomplice in identity theft."

Corrons, who explored the service without handing over a fee to the cybercrooks behind it, concludes that it's very probably a scam.

"This is all about taking the money from users. And at the end, as the user wanted to hack an account, he won't call the police," he concludes.

While this particular service is suspect, that's not to say account hijacking on Facebook is not a problem.

Hacking the Facebook account of a celeb or big brand might be an end in itself. Alternatively, access to social networking accounts might be used to spy on targets.

Compromised social networking profiles in general might be used to distribute spam or malware or as stepping stones towards attacks on a mark's webmail or online banking accounts. ®

Mobile application security vulnerability report

More from The Register

next story
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.