We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

PandaLabs discovers Facebook hacking site

Security vendor says website is part of a phishing scam

A website that claims to help users hack into Facebook accounts has been discovered by PandaLabs.

The Facebook hacking service, which is delivered via a professional looking website, was discovered by security vendor and charges just $100 (£61) per account. However, those who sign up for the service could find themselves becoming the victims instead.

Users of the service are required to first register with the site and then provide an ID of the Facebook account they want hacked, said Luis Corrons, technical director of PandaLabs.

Users who enter the ID and click on a 'Hack it' button are then presented with the username of the owner of the Facebook account. They then have the option to 'Start Facebook hacking'.

Those who follow the instructions are eventually told that the hack was successful and a password for the account was retrieved. But to actually get the password, the user is then required to send $100 via Western Union to an individual in Kirovohrad, Ukraine. It's not clear whether sending the money will yield any login and passwords, Corrons said.

But the way the site has been designed and the ease with which a potential client can interact with it lends it a certain degree of credibility, he said. The site contains an FAQ section, which claims the site has been in business for more than four years.

The site even provides a link to a Webmoney account that in fact does appear to be four years old, Corrons said. However the domain itself appears to have been registered by someone in Moscow only a couple of days ago, he said.

"We've been looking at it and we are 99.9 percent sure it is a ruse," to get people to pay up money in exchange for what they think will be legitimate Facebook credentials, he said.

At least as of the last time PandaLabs inspected the site, it was not downloading or distributing any malware and seems to have been set up purely to scam those seeking to gain illegal access to Facebook accounts, Corrons said.

Those who do fall for the scam are unlikely to go to law enforcement to report it, he said.

Broadband speed test

PC security advice

See also: Facebook kills controversial Beacon system


IDG UK Sites

Where to buy iPhone 6 and iPhone 6 Plus in the UK: Launch day price, deals and contracts

IDG UK Sites

Is Apple losing confidence in itself?

IDG UK Sites

Professional photo and video techniques for perfect colours

IDG UK Sites

How (and where) to buy an iPhone 6 or iPhone 6 Plus in the UK. Plus: What to do if you pre-ordered...