Software used to recover accounts was provided to many Meta Group employees (Facebook, Instagram, WhatsApp). About twenty of them used it to resell profiles to criminals.
The pirates are in the open space. Meta, the parent company of Facebook, has reportedly fired and taken disciplinary action against around 20 employees, as well as contractors, after the latter took control of several user accounts. The measure was revealed by journalists from the Wall Street Journal on November 17.
All of the accused employees had used Oops — short for Online Operations — a unique one at Meta. This tool helps users recover a hacked account or one with a password issue. It is generally opened as an exceptional procedure. Or, its usage is said to have soared in recent years, from 22,000 “tasks” in 2017 to 50,270 in 2020.
After internal investigation, the company discovered a kind of black market of Facebook and Instagram accounts. Account credentials were resold for several thousand dollars to scammers who could impersonate famous or formerly disabled influencers. These could then promote scams with legitimate profiles. Much easier than running a scam with zero subscribers.
Software provided to security guards
These deviations are not surprising, when we learn that such a tool has been provided to so many employees. Among those made redundant are security guards who were provided with the notorious software in the event of a problem with their own Facebook or Instagram accounts. Another case involved a contractor who reset multiple user accounts on behalf of hackers in exchange for bitcoin payments for his services.
Meta told the WSJ that the company would continue to take “ appropriate measures against anyone selling fraudulent services.