[BreachExchange] Facebook Home to 74 Black Market Groups

Destry Winant destry at riskbasedsecurity.com
Tue Apr 9 02:01:11 EDT 2019


https://www.infosecurity-magazine.com/news/facebook-home-to-74-black-market-1/

Researchers at Cisco Talos detected an excess of 70 Facebook groups
that have been selling black-market cyber-fraud services, some of
which have managed to remain on Facebook for up to eight years,
according to a Talos Intelligence blog post.

For several months, researchers have been investigating online
criminal flea markets on Facebook, discovering a collective list of 74
groups. Members of the groups offer a wide range of services described
as “shady (at best) and illegal (at worst) activities,” according to
the research.

Though now removed, the groups were selling, buying or trading all
types of illegal services, including "stolen bank/credit card
information, the theft and sale of account credentials from a variety
of sites, and email spamming tools and services. In total, these
groups had approximately 385,000 members.” Credit cards were often
sold with CVV numbers, as well as some of the victim’s additional
identification documentation.

Cyber-criminals and users looking to engage in illicit exchanges were
able to navigate Facebook with relative ease, as they reportedly only
needed a Facebook account to conduct category searches.

“Once one or more of these groups has been joined, Facebook's own
algorithms will often suggest similar groups, making new criminal
hangouts even easier to find. Facebook seems to rely on users to
report these groups for illegal and illicit activities to curb any
abuse,” the authors wrote.

Group members requested government shell accounts or instructions on
moving large amounts of cash, while others offered forged
identification documents.

“The majority of the time, these sellers asked for payment in the form
of cryptocurrencies. Others employ the use of so-called 'middlemen'
who act as a go-between between the buyer and the seller of the
information and take a cut of the profits. These users usually
promoted the use of PayPal accounts to complete the transaction,”
according to the blog.


More information about the BreachExchange mailing list