According to a recent news release, PandaLabs has Uncovered a hacking service that promises clients access to any Facebook account for $100. The creators of the service, based in the  Ukraine, confirm the cost and say the fee is payable through Western Union.

I’ll leave you to digest this information on your own. Here is the release:

GLENDALE, Calif., Sept. 18 /PRNewswire/ — PandaLabs, Panda Security’s malware analysis and detection laboratory, today announced the discovery of an online service that promises to hack into any Facebook account for $100. The creators claim, “Any Facebook account can be hacked,” promising to provide clients with the login and password credentials to access any account on the popular social networking site. According to Luis Corrons, Technical Director of PandaLabs, “The service’s real purpose may be hacking Facebook accounts as they say, or profiting from those that want to try the service. In any case, the Web page is very well designed. It is easy to contract the service and become either the victim of an online fraud, or a cyber-criminal and accomplice in identity theft.

Once an intruder hacks into a Facebook account, all personal data published on the site can be stolen. Similarly, those accounts can also be used to send malware, spam or other threats to the victim’s contacts. In the case of celebrities of other well-known entities, they can be used to defame the account holder, spread information in their name, etc. In any event, this is criminal activity.”

In addition to extorting money and obtaining access to clients’ bank account information, the service also has characteristics in line with hacker affiliate programs. Common among cybercriminals, hacker affiliate programs offer other cybercriminals money to spread malware. This strategy is now being used with everyday Internet users through this Facebook hacking site, by offering extra dollar-credits to spend on the service when users hack more accounts. They can become affiliates to help hackers reach a broader audience, receiving 20 percent of what they sell in credits for hacking more accounts.

It is likely that the cybercriminals behind this operation are members of an Eastern European Internet mafia because payments are conducted online through Western Union wire transfers to a payee in Ukraine. The domain that hosts the service is registered in Moscow, providing further evidence of this theory. The company claims to have been offering this service for four years with only one percent of accounts hack-proof. In these cases, they offer clients a money-back guarantee. However, the domain is just a few days old. A series of images illustrating the sales flow can be found on the PandaLabs blog:

What do you think? Is this something of grave concern to us here in the US?

Angela Connor

AddThis Social Bookmark Button

Subscribe in a reader

Advertisements