“Any Facebook account can be hacked” – so claim the creators of an online service which, for only $100, allegedly provides clients with the login and password credentials to access any account on the popular social networking site. This not only includes accounts belonging to ordinary people, but also celebrities, politicians, or well-known companies.
Uncovered by global IT security vendor Panda Security, the criminal outfit conducts payments online through Western Union, with the money transferred to the Ukraine, further fueling the perception that most Internet mafias are based in Eastern Europe. The domain that hosts the service is registered in Moscow.
The company claims to have been offering this service for four years with only one percent of accounts hack-proof. In these cases, they offer clients a money-back guarantee. However, the domain is just a few days old.
Users can also get extra dollar-credits to spend on the service when they hack more accounts. They can even become affiliates to help hackers reach a broader audience. These affiliates receive 20% of what they sell in credits for hacking more accounts.
“The system’s real purpose may be hacking Facebook accounts as they say, or profiting from those that want to try the service,” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “In any case, the Web page is very well designed. It is easy to contract the service and become either the victim of an online fraud, or a cyber-criminal and accomplice in identity theft.”
Once an intruder hacks into a Facebook account, all personal data published on the site can be stolen. Similarly, those accounts can also be use to send malware, spam or other threats to the victim’s contacts. In the case of celebrities of other well-known entities, they can be used to defame the account holder such as through spreading information in their name.
Find out more at the PandaLabs blog.