A cybercriminal created a bot that sold access to millions of mobile numbers of Facebook users through the Telegram messaging app, according to a new report.
The bot pulled information from a huge database of phone numbers extracted from Facebook before the social network put a security hole in 2019, according to Motherboard.
A Telegram support representative told The Post that the robot had been blocked on Tuesday morning. But it is unclear exactly when it was disabled and how long it was active on the platform.
Anyone who had opened the bot’s Telegram profile could enter the Facebook ID of the person they were looking for and the robot would get the corresponding phone number, the outlet reported Monday. According to reports, it also worked differently: enter a phone number and the robot would retrieve the Facebook ID that matched it.
But there was a problem: the bot initially hid most of the phone number and forced users to pay to see it all, according to the report. Prices reportedly ranged from $ 20 for a single “credit” to $ 5,000 for 10,000 credits.
The unidentified person who created the bot claimed he could access the phone numbers of 533 million Facebook users in dozens of countries, according to Alon Gal from cybersecurity company Hudson Rock, which saw it about two weeks ago.
“It’s important that Facebook notifies this violation to its users so that they are less likely to fall victim to different attempts at piracy and social engineering,” Gal told Motherboard.
Facebook said the data came from a previous security issue that allowed cyberattackers to link phone numbers to user profiles using sophisticated software code.
“This is old data,” a Facebook spokesman told The Post in an email. “We found and fixed this issue in August 2019.”
The Telegram robot did not return any matches when Facebook tried to verify it with data from more recent users, the technology giant added.
But that doesn’t help people who linked their phone numbers to their Facebook accounts before fixing the problem, Motherboard noted. The social network already had more than 1.6 billion daily active users in September 2019.
The bot appeared on Telegram as the encrypted messaging service saw users rise amid concerns about Facebook’s changes to the privacy policy of WhatsApp, its own messaging app. WhatsApp has pushed back the deployment of the policy.