Access to phone numbers on Facebook is being sold via an automated Telegram bot, with the creator claiming to have data on 533 million users.
Reported on Vice's Motherboard, the breach was spotted by CTO of cybersecurity firm Hudson Rock, Alon Gal, on a cybercrime community forum, with the bad actor advertising the Telegram bot that is selling access to its database. The bot easily lets users see the telephone numbers of who they want.
The Telegram bot works by letting users either enter a phone number to see what Facebook user it belongs to, or enter a Facebook user's name to get their phone number.
The service isn't free. Users require credits to gain access to a full telephone number, with one credit costing $20. However, there's also bulk-buying, with $5,000 worth 10,000 credits.
- Facebook smart glasses will launch this year — but it's not what you expect
- Caution — Android malware is spreading — and tricking WhatsApp users into a scam
- Scam alert: Text offering a free year of Netflix collecting private information
Facebook has stated the bot has access to data before an update in August 2019, and that data from new Facebook users or update profiles added after this date is not included in the database. However, it still contains the phone numbers and Facebook user's names prior to this, meaning those who haven't change their numbers are still vulnerable.
Thanks to a two-factor authentication system from Facebook, many have entered their phone numbers supposedly as a way to increase security. This has clearly backfired.
Full list of affected users by country pic.twitter.com/Wrrzd0WyxEJanuary 14, 2021
According to a tweet from Gal, the bot has a list of data from over 100 countries, from the USA and Europe to Asia and Australia. Gal also posted a tweet stating that it had been used as recently as January 12, 2021, meaning it's still very much in use.
There have yet to be updates on whether security will be put in place to stop the bot from accessing phone numbers and Facebook user's data, but there's sure to be a call to action from Facebook soon (hopefully).
Stay in the know with Laptop Mag
Get our in-depth reviews, helpful tips, great deals, and the biggest news stories delivered to your inbox.
Darragh Murphy is fascinated by all things bizarre, which usually leads to assorted coverage varying from washing machines designed for AirPods to the mischievous world of cyberattacks. Whether it's connecting Scar from The Lion King to two-factor authentication or turning his love for gadgets into a fabricated rap battle from 8 Mile, he believes there’s always a quirky spin to be made. With a Master’s degree in Magazine Journalism from The University of Sheffield, along with short stints at Kerrang! and Exposed Magazine, Darragh started his career writing about the tech industry at Time Out Dubai and ShortList Dubai, covering everything from the latest iPhone models and Huawei laptops to massive Esports events in the Middle East. Now, he can be found proudly diving into gaming, gadgets, and letting readers know the joys of docking stations for Laptop Mag.