A report from Motherboard states that hundreds of millions of Facebook users’ cellphone numbers have been sold through the Telegram bot. The prices posted also vary, namely one credit is priced at US $ 20 or 10 thousand credits worth US $ 5 thousand.
According to security researchers, data that has existed since January 12, 2021 states that the telegram bot has 533 million users information. This data was obtained from a Facebook vulnerability patched in 2019, citing The Verge.
Alon Gal said that the person running the bot claims to have information from 533 million users. This data has been on Telegram since January 12, 2021 but comes from a Facebook vulnerability patched in 2019, quoted by The Verge, Tuesday (26/1/2021).
Bot can do Two Things
With bots it can do two things. First, if they have someone’s Facebook account ID, then they can find that person’s cellphone number. The opposite can also be done, armed with a telephone number, you can search for Facebook user IDs.
It is not yet known whether Motherboard and Alon Gal have contacted Telegram to delete the data.
“It’s very worrying to see such a large database sold in the cybercrime community. It compromises our privacy and will be used for smishing and other fraud by bad people,” Alon Gal said.
Alon Gal obtained sample data on the Telegram bot, then shared it on Motherboard and Facebook.
To Motherboard, Facebook explained that the data was related to vulnerabilities and was patched in August 2019. The company also claims that the data was deleted before repairs were made, The Independent quoted him as saying.
Alon Gal said that Facebook can notify its users of the data breach. That way they don’t become victims of cyber fraud.
“It’s important for Facebook to notify its users about this violation. So they are less likely to fall victim to hacking and social engineering attempts,” said Alon Gal.