Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Are Selling Facebook Credentials on the Dark Web For $3 (nypost.com)

Posted by msmash on from the security-woes dept.

Hackers are selling Facebook logins for just $3 on the dark web, according to new research. From a report: The study by Money Guru found that Facebook logins can be bought for as little as 2.30 Pound ($3), with the report coming just hours after it was revealed that an enormous data breach has left at least 50 million Facebook accounts compromised. The research also found that hacked email logins are also being flogged on dark web marketplaces, which are easily accessible to anyone with the right browser and web addresses. Even financial data is being sold cheaply, with credit card information available for as little as $14 and debit card information for $19.50. The research was looking into the availability of logins for sale for the 26 most commonly used online accounts.

7 of 43 comments (clear)

  1. Re:Prices all over the place by cribb · · Score: 2

    Sales Tax. Woudn't want to be on the wrong side of law now, would you?

    --
    Hostes alienigieni me abduxerunt. Qui annus est?
  2. There's a Good Reason it's Cheap by natetheokay · · Score: 5, Informative

    Converting stolen credentials into actual money is hard. Since banks can repudiate and reverse password-enabled transfers you have to have a mule to be left holding the (empty) bag when the bank reverses the transfer. Microsoft had an interesting whitepaper on the topic a few years back: https://www.microsoft.com/en-u...

  3. wow! by Anonymous Coward · · Score: 5, Funny

    Where can I sell my own account myself? I'd honestly rather have 10 chicken mcnuggets than a facebook account anyway.

    1. Re:wow! by Oswald+McWeany · · Score: 2

      Where can I sell my own account myself? I'd honestly rather have 10 chicken mcnuggets than a facebook account anyway.

      This. I will create a facebook account if I can sell it. So far I've not seen any point in making a facebook account- but I will if people pay me for them.

      I will pass on the Chicken McNuggets though, I don't like McDonalds.

      --
      "That's the way to do it" - Punch
  4. Re:Okay, I'll ask the stupid question by Luthair · · Score: 2

    I imagine you could use it for fishing attacks, users are probably a lot more likely to click on a link their friend sent them.

    Also don't forget that the Facebook is also used as a SSO for many sites, so an attacker could use that to access information stored on those sites, or just to spam random sites.

  5. Re: Okay, I'll ask the stupid question by LordWabbit2 · · Score: 4, Informative

    Because a LOT of people use Facebook authentication for OTHER websites, if one of them happens to be an e-commerce site you can then use their saved credit card details to buy stuffs, or stalk them etc.

    --
    There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
  6. At last, now I'll be able to login by clovis · · Score: 4, Funny

    I setup a Facebook account over 10 years ago using a throw-away email account and a phony birthdate. The only real info was my actual name.
    I forgot my password, and Facebook is no help.
    How do I contact these dark web people to get my password? For only $3, it's a bargain.