Since the last major drop in data on Facebook, it has been more than a month since social network users have come up with even more unpleasant news. With the malicious browser extension, cybercriminals could capture tens of millions of personal data, including private messages reported by Kaspersky Lab.
The BBC's investigation said the online forum offered 120 million Facebook user data for 10 cents for each individual profile. In order to show the value of the data, a small part of the databases was publicly displayed. It contained 257,000 user data, including private messages by about one third (81,000) of them.
Of course, the claim about the disclosure of 120 million accounts can not be confirmed or refused without access to the full version of the database, but according to the BBC, the thought that verified the data shows that the weight of the archive is true.
Obviously, both leaks are interconnected. The previous incident is related to the vulnerability of Facebook to use centralized data exchange, but in the latter case, the data is collected through malicious browser extensions that the victims installed on their computers. This is completely different.
Extensions (also known as add-ons or add-ons) are small programs installed in the browser to extend its functionality. Examples are toolbars that modify the browser interface, ad blockers, and the like. These extensions represent a problem, so that – and most of them do it as usual – they can view the content displayed to you by the browser (and change it if that is the case).
This capability enables highly trained user activity on the Internet for trackers and data collectors. In this case, we are talking about data collected on Facebook pages, but this can in principle steal all data. For example, bank information is not protected. For more information, see "Why be careful about browser extensions."
For now, it is not and may never be clear which extensions were used for the latest leaks in Facebook. Maybe other information was stolen; For now, it's also unknown.
Based on this event, Kaspersky Lab experts can now make two general recommendations.
• Be careful about browser extensions and do not install them without distinction. Some sites now contain many of our most valuable information, and extensions have access to it.
• Be careful with online private ads. It can be a lot less private than you think.