Bottom Line Up Front: A global scam was uncovered after an unsecured database containing the usernames and passwords of at least 100,000 Facebook users was discovered. Cybercriminals used the login credentials of these users to direct people to a fake Bitcoin trading platform to scam them out of at least $295 USD.
Details: Researchers discovered an unsecured Elasticsearch database that contained information of at least 100,000 Facebook users. The database was open between June and September of 2020 and was closed one day after it’s discovery on September 21st. Researchers believe that the database was attacked by the ongoing Meow cyberattack, which completely wiped all of the data. (A Meow attack is one of many ongoing attacks that started July 2020 and has left more than 1,000 databases permanently deleted, the attack leaves only “meow” as a calling card.) The scam targeted Facebook users with a network of websites owned by malicious third parties. It tricked these users into providing their login credentials with the promise of showing them who had recently viewed their profiles. A series of fake Facebook pages allowed the attackers to save the victim’s username and password. These credentials were then saved on the unsecured database for use in further fraudulent activity.
We recommend changing your Facebook password. If you believe you may have been the victim of an internet fraud attack or scam it would be a wise decision to invest in tools to help encrypt your passwords. Remain vigilant when using the internet. Check and double-check the URL of any websites or links you click.