Facebook is undoubtedly the biggest social media platform today, making it, among other things, a target for hackers on darknet markets.
Stolen data are a popular buy on various darknet markets for criminals looking for new identities to hide their clear web activities.
As such, data breaches like the theft of Facebook usernames and passwords are not uncommon.
In a bid to protect its users, Facebook employs more than just the use of secure software to keep out criminals who supply the darknet markets with stolen information.
Facebook buys the leaked passwords from the hackers in the various darknet markets, cross-references them with existing user passwords, then sends an alert to its users to reset their passwords or make them a lot stronger to ensure their accounts' safety.
Cross-referencing Process is Heavy
Facebook’s Chief of Security Alex Stamos admits that the process is not easy at all, but is very effective.
He mentioned that the biggest threat to the safety of user accounts is weak passwords and the reusing of passwords.
He highlights that, despite the security team's efforts to keep Facebook secure from hackers looking to make a coin on darknet markets, ensuring user account safety is an entirely different and notably more difficult aspect.
Facebook’s security team apparently began their data mining venture shortly after the massive data breach of Adobe in 2013.
Their primary goal was to seek out users with weak, reused passwords that were shared across the Facebook and Adobe platforms.
Since then, they have continued to purchase leaked passwords from the various darknet markets in a bid to ensure their users’ continued safety.
Passwords are Secure
For those who are concerned about their passwords being accessed by the Facebook security team, Facebook's security incident response manager assures them that the method used to cross-reference the passwords to the respective owners' accounts is in no way similar.
At the time they began buying the passwords from darknet markets, they ran the plaintext passwords through a one-way hash function in order to link the passwords to their respective accounts.
The hashes of the recovered passwords are then compared with the hashes that are already stored by Facebook.
If the two hashes are successfully matched using Facebook’s security process, then Facebook identifies the user and sends them a request to change their password in order to enhance account security.
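The cross-referencing step described above can be sketched as follows. This is an added example, not Facebook's own code: the article does not name the hash scheme, so PBKDF2-HMAC-SHA256 with a per-user salt stands in for it, and the function names and sample accounts are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor, chosen for this example only


def hash_password(password: str, salt: bytes) -> bytes:
    """One-way hash; PBKDF2-HMAC-SHA256 is an assumed stand-in scheme."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def build_user_store(accounts: dict) -> dict:
    """Simulate the site's credential table: email -> (salt, hash), no plaintext."""
    store = {}
    for email, password in accounts.items():
        salt = os.urandom(16)
        store[email.lower()] = (salt, hash_password(password, salt))
    return store


def find_reused_credentials(leak, store):
    """Return accounts whose leaked plaintext hashes to the stored value."""
    flagged = []
    for email, leaked_password in leak:
        key = email.strip().lower()
        record = store.get(key)
        if record is None:
            continue  # leaked address has no account on this site
        salt, stored_hash = record
        # Re-hash the leaked plaintext with this account's own salt.
        candidate = hash_password(leaked_password, salt)
        if hmac.compare_digest(candidate, stored_hash):  # constant-time compare
            flagged.append(key)
    return flagged


# Constructed sample data: the site's accounts and a purchased leak.
USER_STORE = build_user_store({
    "alice@example.com": "Summer2013!",
    "bob@example.com": "x9$Lq-unique-7",
})
LEAK = [
    ("Alice@Example.com", "Summer2013!"),   # reused password: must be flagged
    ("bob@example.com", "hunter2"),         # different password here: no match
    ("mallory@example.net", "password1"),   # no account on this site
]

if __name__ == "__main__":
    for email in find_reused_credentials(LEAK, USER_STORE):
        print(f"prompt password reset: {email}")
```

Because each stored hash is salted, the leaked plaintext has to be re-hashed once per matching account; the stored values are never reversed to plaintext.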
Facebook’s Move May Be Encouraging Cyber-crime
As expected, there has been outcry concerning the morality of the whole situation.
Purchasing stolen information from cyber-criminals in the various darknet markets could only promote their activities, especially now that they realize Facebook will simply pay them to return the stolen passwords.
Stamos admits that the use of passwords and usernames is more than a bit outdated.
Originally introduced in the 70s with mainframe architectures, they provide less than sufficient security.
This is mostly the reason why Facebook later adopted additional security measures such as the identification of Facebook friends alongside its original two-factor authentication process to determine whether an account had been compromised.
They have also enhanced account recovery significantly by making it possible for close friends to help verify your account recovery request.
Stamos insists that despite all the security measures they use to protect their users from cybercriminals, there will always be those who choose to skip these measures, and as such it falls to the security team to ensure their account security.