Telegram bot whips phone numbers of Facebook users

• The comparison
• Tutorials
• Telegram bot whips phone numbers of Facebook users

A Telegram bot offers a database of phone numbers belonging to a reported 533 million Facebook users. The secure messaging app is being misused to allow people to acquire sensitive information without the owner's consent and without even having to interact with the anonymous person running the bot. The Facebook information offered by the Telegram bot reportedly comes from a 2019 vulnerability that has since been patched. If a person knows a person's Facebook ID, he can use the bot to acquire the corresponding phone number. Conversely, if a person knows someone's phone number, the bot can be used to find out that person's Facebook ID. However, the Telegram bot is not meant to give away sensitive information for free. Unlocking a single piece of information costs one credit, which will set you back €20. Combined discounts are available, with 10,000 credits offered for €5,000.

Data for sale

Reports of the Telegram bot started surfacing a few weeks ago, which is quite an embarrassing development for Facebook given that it typically asks for a person's phone number to enable two-factor authentication. A data breach, even two years old, has made this security feature a potential vector for tracking attacks. It's unclear who is behind the Telegram bot, but the messaging app should probably remove the bot as soon as possible. The more opportunities you have to sell sensitive information, the more likely it is that affected Facebook users will be targeted by phishing attempts and other fraudulent activity. While disabling the Telegram bot won't remove Facebook Breach 2019 data from the web, it will close at least one avenue to access it. Via The Verge