Since the last significant decline in Facebook data, it has been a little over a month since social network users have had unpleasant reports. Using malicious browser extensions, cybercriminals can record tens of millions of personal data, including private messages reported by Kaspersky Lab.
The BBC question stated that the online forum offered to sell 120 million Facebook user data for 10 cents per individual profile. To demonstrate the value of the data, a small part of the databases were publicly displayed. It contained 257 thousand user data, including private reports of about one-third (81 thousand) of them.
Allegedly, 120 million accounts can not be confirmed or denied access to a full version of the database, but according to BBC thinkers who have verified the data, it seems that everything indicates that the exhausted portion of the archive is real.
Both leaks are not apparently interconnected. The previous incident is related to Facebook's vulnerability when using centralized data exchanges, but in the latter case the data is collected using malicious browser extensions that the victims have installed on their computers. That's absolutely different.
Extensions (also known as Plugins or Add-ons) are small programs that are installed in the browser to expand their functionality. Examples are toolbars that change the browser interface, ad blockers, and so on. These extensions pose a problem, so they can – and most of them do as usual – see all the content your browser views (and possibly change it).
This capability is a highly qualified user activity on the Internet for trackers and data collectors. In this case, we are talking about data collected from Facebook pages, but in principle it can steal all the information. For example, bank details are not protected. See "Why be careful with browser extensions" for more information.
There is not yet, and it may never be clear which extensions have been used in the latest data leakage from Facebook. Perhaps more data was stolen; This is still unknown.
Based on this event, Kaspersky Lab experts can make two general recommendations.
• Be careful with browser extensions and do not install them indiscriminately. Now some sites contain many of our most valuable information and the extensions have access to them.
• Be careful with online private listings. It can be far less private than you think.