It’s easy to understand how hacking groups, involved in undercover cybercrime, might want to keep their activities hidden from the-powers-that-be and law enforcement agencies, and conduct their crimes in secrecy.
Which makes it all the more surprising when you stumble across a group apparently engaged in stealing and sharing login passwords for third party systems, doing so not just on a public-facing website, but on a page hosted by the world’s biggest social network.
A reader of Naked Security, who works at a Yorkshire-based security company, contacted us last week to tell us about a particular Facebook page they had stumbled across belonging to the Albania Pirate Group.
On its Facebook page, 600+ fans and members of the Albania Pirate Group were sharing RDP (Windows Remote Desktop) logins, giving hackers unauthorised access to computer systems, and what appeared to be compromised banking details.
The potentially sensitive information was free for anyone to view, even if you hadn’t “Liked” the page.
Curiously, the Albania Pirate Group has a similar logo to the Kosova Hacker’s Group, who breached servers belonging to the US National Weather Service last month.
Sophos contacted Facebook, and within the hour the social network’s security team had closed down the page.
Remember that pages and groups on Facebook are not pre-vetted, and anyone can create a page with ease and use it for illegal purposes. If you stumble across a Facebook page that you believe is involved in law-breaking or breaches the terms and conditions of the site, you should report it to Facebook.
Our thanks go to the Facebook security team for shutting down the page so promptly.
Stay informed about the latest security and privacy issues related to Facebook. Join the Naked Security page on Facebook, where over 190,000 people regularly share information on threats and discuss the latest security news.Follow @gcluley