After Facebook's last drop, it's been just over a month when social network users became uncomfortable news. With the malicious browser extension, cybercriminals may have captured tens of millions of personal data such as private messages reported by Kaspersky Lab.
The BBC's inquiry found that the online forum offered to sell 120 million Facebook user information per 10 cents for each individual profile. To show the value of the data, a small fraction of the databases were publicly displayed. It contained 257 thousand user information, of which about one third (81 thousand) private messages.
Of course, the objection to the publication of an account of EUR 120 million can not be confirmed or denied without the complete version of the database, but according to the BBC thinkers, everything seems to indicate that the leaked part of the archive is real.
Obviously, both leaks are not interconnected. The previous case is related to Facebook's vulnerability in using centralized data transfer, but in the latest case, data is collected by malicious software that victims have installed on their computers. This is quite different.
Extensions (also called extensions or additions) are small, browser-based programs that expand its functionality. Examples include toolbars that change the browser interface, ad blockers, and the like. These extensions cause the problem so that they – and most of them do it in the usual way – see all of the content that the browser displays (and also modify if it exists).
This feature makes them a highly professional user on the Internet for trackers and data collectors. In this case, we are talking about information collected on Facebook, but in principle this may steal all the information. For example, bank information is also not protected. For more information, see Why to be cautious with browser extensions.
At this time, there are no and perhaps never clear which extensions have been used in the latest leak of Facebook information. Perhaps other data is stolen; It is also unknown for the time being.
Based on this event, Kaspersky Lab specialists can now make two general recommendations.
• Be careful about browser extensions and do not install them without separating them. Some sites have a lot of valuable information and extensions have access to it.
• Be Careful in Online Private Lists. It can be much less private than you think.