A certain developer, who got his hands on a database of phone numbers of 533 million Facebook users, made a Telegram bot through which everyone can get his phone number using the user’s Facebook ID for a small fee. This is reported by The Verge with reference to Motherboard .
Digital security researcher Alon Gal told Motherboard that the bot’s developer took advantage of a previously existing Facebook vulnerability that allowed the download of phone numbers and digital IDs of social network users.
The company fixed the vulnerability in 2019, so the data offered by the bot is relatively outdated. However, this does not mean that cyber security threats do not exist: people rarely change numbers, which means that fraudsters can use this tool, for example, to try to gain access to an account. And in general, the ability to find out a person’s phone number on Facebook or vice versa is a sad business, as it puts the privacy of social network users at risk. To obtain complete information, the bot requires you to pay $ 20 – for this price, 1 credit is purchased (an analogue of the digital currency created by the developer for the bot). The rates for loan packages vary and reach $ 5 thousand for 10 thousand loans.
“It is very important that Facebook notifies its users of this leak. This can reduce the likelihood that many of them may become victims of various hacking or social engineering attempts, ”said Alon Gal. So far, Facebook hasn’t responded to this.
As stated in the information section of the Telegram bot, the database contains information about Facebook users from more than 100 countries around the world.