Since the mass murder of 50 people in Christchurch, New Zealand last month, Facebook has faced increased scrutiny about the content it hosts. While the platform’s leaders have pledged to redouble its efforts to monitor and excise malicious content, a new report suggests it has a long way to go. In the last few months, the social networking service has hosted cybercrime groups with more than 385,000 combined members.
Cisco Systems’ Talos security group spent months compiling a list of 74 Facebook groups that were involved in selling credit card info and hacking tools. For example, some groups offered to sell Visa-certified credit card data for as little as $15. Researchers also found hacker gatherings where it is possible to purchase cutting-edge phishing tools.
Notably, Talos had little difficulty locating the groups as searching for terms like “spam” or “carding” returned many results. Moreover, the platform’s recommendation algorithms regularly offered suggestions for additional scammer hideouts.
How Talos Took on the Cybercriminals
Talos confirmed the validity of the private information and then began individually reporting the cybercrime groups. However, this proved to be an ineffective practice. Facebook removed some illegal content distribution networks quickly, but others were untouched.
Consequently, Talos contacted the platform’s security officials directly to address the problem. This tactic proved more effective as Facebook promptly shuttered the 74 groups the Cisco team cataloged. However, the group noticed new cybercrime hives had sprouted up after Facebook’s initial purge.
Facebook responded to Talos’ report by noting that it employs 30,000 cybersecurity staffers globally and pledging to continue the fight against cybercrime.
Not an Isolated Incident
Notably, the platform has had a reputation as a thief and malicious operator meeting place for some time now. In 2018, cybersecurity specialist Brian Krebs filed abuse reports on 120 hacker and scammer groups hosting more than 300,000 members. During his investigation, Krebs found two-year-old groups that offered botnet creation and denial-of-service attack utilities.
Disturbingly, the data security expert uncovered Facebook’s hacker underworld in just two hours of searching.
Following tradition, Facebook closed the illegal groups and then promised to do better in the future. When publishing his initial report, Krebs stated he only searched for English language scammer groups with over 25 members. As such, he concluded his initial findings were a figurative tip of the iceberg.
Judging by the harrowing results of Talos’ report, Krebs was dead on.
Why Isn’t Facebook Better?
In November 2018, Facebook posted about something it did to make the world a safer place. Namely, the tech giant had wiped out 99 percent of ISIS and Al Qaeda-generated content on its platform using machine learning tools. The service’s success in ridding itself of terrorist propaganda poses an obvious question: Why can’t the same tools get rid of all the cybercriminals?
Facebook’s leaders know its network is facilitating a variety of illegal activities beyond theft at this point. Last month, the North Atlantic Treaty organization revealed it used the platform to harvest a wealth of military data.
So given its vast resources and powerful tools, why doesn’t Facebook drop the hammer on the criminals it hosts? One possible explanation is that the company is concerned about sudden six-figure drops in its monthly active user numbers. While that might sound far-fetched, Bloomberg recently accused YouTube of doing something similar. The service might be going easy on its worst members because they are also its most dedicated customers.
Regardless, one thing is absolutely certain about Facebook’s ongoing cybercriminal infestation. The corporation is unable to handle the problem by itself.