Is your Facebook account in jeopardy? If the latest reports are correct, a hacker, known as “Kirllos,” has stolen the account information from 1.5 million users of the popular social networking site. Researchers at VeriSign’s iDefense Labs recently spotted the cybercriminal selling the stolen goods on an underground hackers forum. The cybersecurity company doesn’t know if the accounts are legitimate; however, if the number of stolen accounts is accurate, it would mean that the cyberthief has access to the data for one out of every 300 Facebook users.
Kirllos, a hacker from Russia, is offering the accounts at a heavily discounted price. For users with 10 friends or less, the price is only $25 for 1,000 accounts. Users with more than 10 contacts are a bit more expensive – $45 for 1,000 accounts. While their authenticity is still under question, Kirllos has already sold 700,000, according to iDefense. Facebook has not yet commented on the incident.
Data stolen from social networking sites is extremely attractive to cybercrooks because it can be used for a variety of scams and criminal activity, including identity theft, online banking fraud, and the distribution of malware. Cybercriminals can also use the stolen accounts to conduct targeted attacks on employees in order to infiltrate corporate networks or spread spam on company email accounts (one more reason to avoid visiting social networks at work).