Facebook identifies hacker

We reported a few weeks ago that a hacker going by the handle 'Kirllos' had managed to acquire the credentials of 1.5 million Facebook accounts and was selling them at unbelievably low prices in certain black market forums. He reportedly sold close to 700,000 accounts in a short time. There was no conclusive evidence pointing to the legitimacy of Kirllos' claims or of the accounts themselves, according to VeriSign. 

ComputerWorld reports that Facebook has identified the real persona behind Kirllos. According to Facebook spokesman Simon Axten, "We have determined Kirllos' identity through IP addresses, online accounts, and other information and believe that he's very likely a low-level actor." Axten won't name names, but he will confirm that the hacker was based out of Russia, and that the 1.5M number is hugely exaggerated. He is a Facebook hacker - Axten confirms that he does indeed have credentials from many Facebook accounts - but he was only using basic social engineering, phishing, and malicious code placement, and likely only successfully discovered a few thousand credential pairs. 

Facebook has reset the passwords of the accounts known to have been hacked by Kirllos, and they are trying to cooperate with Russian authorities to help take down Kirllos by releasing everything they know about him to Russian law enforcement. However, it is infamously hard to prosecute Russian hackers from the US, and Kirllos doesn't seem to be making himself an easy target. He all but vanished once the initial offer for the accounts went up, and he shied away from Facebook officials trying to contact him for account purchases.

Image courtesy of Hardwaretricks.

Report a problem with article
Previous Story

OnLive partnering with BT for European bundling initiative

Next Story

Acer unveils Chrome OS devices in two weeks

54 Comments

Commenting is disabled on this article.

hackers like him need to be beaten to a pulp to show that hacking does not pay it only hurts you and that you are put in jail and praticaly forgotten about.that message will tell hackers that if you hack you will recieve a beating then left in a hole where nobody cares about you, almost like you never existed. very simple to avoid and that is to not even start hacking.

soldier1st said,
hackers like him need to be beaten to a pulp to show that hacking does not pay it only hurts you and that you are put in jail and praticaly forgotten about.that message will tell hackers that if you hack you will recieve a beating then left in a hole where nobody cares about you, almost like you never existed. very simple to avoid and that is to not even start hacking.

Its fun though!!! haha

witalit said,

Its fun though!!! haha

I still prefer the idea of punishing this guy by having the names of all 1.5 million users whose info he stole tattooed on his body in one continuous session. Seems like a fitting punishment.

markjoya said,
So much for secured web. Probably Windows, Linux, and Mac is more secure than Web as platform.

Good call.

Ahmed Samir said,
Well, another reason to NOT use Facebook, heh

As this could happen with any site, you should probably just stop using the internet then...

RonanFarrell said,

As this could happen with any site, you should probably just stop using the internet then...

No, this couldn't happen with any site, it is just the non-existing privacy and security of Facebook.

Edited by ilev, May 14 2010, 6:35am :

ilev said,

No, this couldn't happen with any site, it is just the non-existing privacy and security of Facebook.

Who cares, if people care that much live your life in bubble-wrap!

ilev said,

No, this couldn't happen with any site, it is just the non-existing privacy and security of Facebook.

You can put nearly as much info about yourself in your profile here as you can on Facebook, and someone could just as easily gain access to your account on here as this guy did with Facebook. So, you are wrong.

roadwarrior said,

You can put nearly as much info about yourself in your profile here as you can on Facebook, and someone could just as easily gain access to your account on here as this guy did with Facebook. So, you are wrong.

+1.

roadwarrior said,

You can put nearly as much info about yourself in your profile here as you can on Facebook, and someone could just as easily gain access to your account on here as this guy did with Facebook. So, you are wrong.

You real name, email and you contact list is a lot of information.

XDViPeR said,
Social Engineering tactics. Easy...
Yeah you wouldn't have guessed it since his "ad" said he could get access in 5 minutes but I guess his 5 minute claim was also a little exaggerated.

This is one of the reasons I don't Tweet or Facebook or go to any other sites that you put your personal info about yourself on.

wahoospa said,
This is one of the reasons I don't Tweet or Facebook or go to any other sites that you put your personal info about yourself on.

The principle applies to the internet as a whole. The methods he used to obtain Facebook details are likely no different from the details used to try and get your bank details (i.e. Phishing). Facebook was simply just the target, there's nothing to say that you'd have had your details stolen, unless of course you were dumb enough to actually click on that email link.

Besides, a "hacker" (although I use the term loosely) could do a lot more damage with your bank details, I don't really see the point in getting your Facebook details, since the details on your Facebook couldn't really be used against you... unless you put your bank details on there.

Edited by Majesticmerc, May 13 2010, 11:02pm :

wahoospa said,
This is one of the reasons I don't Tweet or Facebook or go to any other sites that you put your personal info about yourself on.

But you fall victim to phishing scams? You missed the point. It was how he obtained the information (phishing) not that using Facebook means you'll be hacked.