Facebook users should change their passwords, as 1.5 million Facebook accounts and passwords have been put up for sale by a hacker, “Kirllos”, in Russia.
VeriSign’s iDefense group has warned that a hacker, “Kirllos”, is advertising up to 1.5 million Facebook user names and passwords for sale in bundles of 1,000 accounts, priced at US$25 per bundle for accounts with 10 friends or fewer and US$45 per bundle for accounts with more than 10 friends.
It is thought that 700,000 accounts had already been sold by “Kirllos”, who was believed to be a Russian-born 24-year-old from New Zealand.
However, The Australian reports that Kirllos was traced back to Saransk, Russia, about 630km east of Moscow.
“The only connection between him and New Zealand is that he changed his underground forum profile to that of a female from New Zealand,” Detective Senior Sergeant John van den Heuvel of the National Cyber Crime Centre said.
“He is still in Russia and there is no information to suggest he has ever been to New Zealand. Russian police are now investigating,” Mr van den Heuvel said.
It is not known how “Kirllos” came into possession of the Facebook usernames and passwords; however, it is most likely he “phished” the log-in details using either spam designed to direct users to log in to a fake Facebook page that captures their passwords, or malware that logs keystrokes and reports back possible username/email and password details.
It is likely that the buyers of these Facebook log-ins will use them to commit confidence scams on people’s friends or, as has happened to someone known to Dynamic Business, to send messages to friends claiming that the account’s owner is trapped in a foreign country (in this case London) and needs money to get home.
Additionally, having Facebook account information will allow these criminals to compile information for potential identity theft attempts, looking for birth dates, mother’s maiden name and the like to use as credentials to gain access to bank accounts and request that new credit cards be sent to alternate addresses.