Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Attacking the Attackers: Facebook Hacker Tools Exploit Their Users

    By
    SEAN MICHAEL KERNER
    -
    September 8, 2016
    Share
    Facebook
    Twitter
    Linkedin
      Facebook Hacker tools

      For those who are looking to hack the Facebook accounts of others, there is a marketplace of Facebook Hacker tools that offer the promise of point-and-click ease. According to a new report from Blue Coat Elastica Cloud Threat Labs (BCECTL), the promise made by many Facebook Hacker tools is false.

      Rather than providing access to the Facebook accounts of others, BCECTL found that most Facebook Hacker tools only exploit the users of the tools.

      “The samples we have analyzed don’t perform any real Facebook hacking as opposed to what is being claimed,” Aditya Sood, director of Security and Elastica Cloud Threat Labs at Blue Coat Elastica, now part of Symantec, told eWEEK.

      BCECTL looked at multiple tools with various names, including Faceoff Facebook Hacker, Skull Facebook Hacker and Scorpion Facebook Hacker. The various tools can require the user to input their own Facebook credentials in order to gain some form of access.

      Sood explained that the way the tools typically work is they will ask the user of the tool to provide the Facebook profile ID to be hacked. After that, it displays some fake system-critical failure messages. Following the failure message, the tool will ask the user to provide an activation code to hack into the profile.

      “When a user clicks the button to obtain an activation code, the browser is redirected back to some unauthorized domain such as http://faceoffactivationcode.com/ that could lead to advertising which might be malicious in nature,” Sood said.

      The various Facebook Hacker tools are shared and promoted in various ways, including via an email phishing campaign. The attack is targeted against individuals that are interested in getting the private information of other users’ Facebook accounts, according to Sood.

      “However, we discovered this attack by analyzing the files hosted on Google Drive as a part of in-house activities to gather more intelligence and feeding that back into the [Blue Coat] product,” Sood said.

      Links to various Facebook Hacker tools were being actively distributed and shared on Google Drive. BCECTL reported the malicious Google Drive URLs to Google’s Safe Browsing report phish link: https://www.google.com/safebrowsing/report_phish/.

      “It’s hard to list the numbers, but we have discovered multiple instances [seven-plus] on Google Drive at the moment,” Sood said. “We haven’t checked on other cloud services or standard domains.”
      The Elastica CloudSOC platform can detect anomalies in the compromised cloud service accounts that are used to host these kinds of tools for abusing the cloud service for unauthorized activities, Sood adding that Symantec/BlueCoat has the ability to dissect the network traffic to look into threats and associated anomalies. Additionally, the Symantec/BlueCoat global threat intelligence network provides regular updates about the state of URLs, he said.

      The Facebook Hacker tools are distributed at minimal cost ($20 for two to three months) or free of charge, Sood said. He emphasized that the Facebook Hacker tools are not doing explicit Facebook hacking. Rather, they are stealing end-users’ Facebook account credentials, which can be further used to conduct additional sets of attacks, such as drive-by downloading through malicious link sharing in target accounts, stealing private information, phishing and spamming through Facebook messages.

      Although the report looked at Facebook Hacker tools, there are also similar tools available for Twitter that work the same way.

      “We have seen instances of several domains which claim to hack Twitter but end up in the same behavior,” Sood said.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×