A Facebook group that offered fraud â€˜servicesâ€™ was recently shut down after the social network found its members published credit card details, networks of hacked computers and other illegal information, according to The Guardian.
The group identified by RSA security researchers included a list of stolen identities apparently obtained by a member. The fake profile, launched on 28 February, gathered 163 â€œlikesâ€ and engaged 20 regular contributors.
â€œSecurity issues, from malware to cybercrime, exist across the whole of the web,â€ Facebook representatives told The Guardian. â€œAlthough security consultants would have you believe otherwise, cybercrime isn’t a big issue on Facebook. While the site has 30 million people using it in the UK, very few people ever encounter malware or cybercrime [on the site].â€
In one post, a member asked the group’s creator to send him a private message, then published six stolen identities, probably credit card details he wasnâ€™t able to use.
While most fraud â€˜servicesâ€™ such as malware â€˜salesâ€™ can be found on the black market, this group was completely open, which caught the attention of security experts.
â€œWe’ve never seen this before,â€ RSA Technical Lead on Knowledge Delivery Limor Kessem said. â€œIt’s very odd to see something like this sold openly via Facebook. The individual [behind the Facebook group] is probably a mid-level developer. He’s taken version one of Zeus, compiled it and created his own skin for the control panel. Even though this version is fairly old, we’re still seeing it used.â€
Facebook removed the group, which had been accessible even to people who donâ€™t have an account on the network, because of policy violation.