Facebook has deleted over 100 private discussion groups revealed to have been facilitating identity fraud and cybercrime for years on the platform.
Journalist Brian Krebs claimed to have found the groups after searching for just a couple of hours last week. He said they covered a broad range of illicit activity including DDoS-for-hire, carding, 419 scams and botnet creation tools — with over 300,000 members signed up.
Most were easily identifiable by group names such as “botnet helpdesk” and “tax refund fraud” and had been active on the social network for an average of two years — with 10% having lasted for over four years without being discovered, reported, or shut down.
Krebs claimed that he only sought out groups operating in English language and with over 25 members.
“As such, there may well be hundreds or thousands of other groups who openly promote fraud as their purpose of membership but which achieve greater stealth by masking their intent with variations on or mispellings of different cyber fraud slang terms,” he argued.
Although the groups blatantly abused Facebook’s community standards policy regarding the promotion of illegal goods and services, the social network appears to have had no automated way to check and investigate such activity, relying primarily on users to report violations.
A statement sent to Krebs claimed that the firm would look at “other ways to use automation” in the future.
“We investigated these groups as soon as we were aware of the report, and once we confirmed that they violated our Community Standards, we disabled them and removed the group admins,” it added. “We encourage our community to report anything they see that they don’t think should be in Facebook, so we can take swift action.”
The existence of such forums on the dark web is well known, although the buying and selling of hacking tools and online account credentials on a legitimate platform like Facebook will come as a surprise to many.