430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

A threat actor is selling access to Facebook and Instagram’s Police Portal

A threat actor is selling access to Facebook and Instagram’s Police Portal used by law enforcement agencies to request data relating to users under investigation. Cyber security researcher Alon Gal, co-founder & CTO of Hudson Rock, first reported that a threat actor is selling access to Facebook and Instagram’s Police Portal. The portal allows law […]

Facebook Istagram data

A threat actor is selling access to Facebook and Instagram’s Police Portal used by law enforcement agencies to request data relating to users under investigation.

Cyber security researcher Alon Gal, co-founder & CTO of Hudson Rock, first reported that a threat actor is selling access to Facebook and Instagram’s Police Portal.

The portal allows law enforcement agencies to request data relating to users (IP, phones, DMs, device info) or request the removal of posts and the ban of accounts.

Facebook Istagram data

The threat actor is offering access for $700, and it appears it can have more than one existing account for the portal.

Gal speculates that either Meta was the victim of a social engineered attack that tricked an employee into giving attackers access to the portal or the threat actor had credentials for a legitimate law enforcement account.

“I believe it is likely that Meta was social engineered into providing access to the threat actor using their official form.” Gal told Security Affairs. “Alternatively, credentials of a law enforcement official may have been obtained by threat actors, which provided them access to the portal”

Meta Facebook data breach

The threat actor can abuse access to the portal for multiple purposes, including unauthorized data requests, enabling harassment and doxxing, fake law enforcement actions, and the risk of identity theft, all of which pose serious privacy and security concerns for users.

The access to the official META Law Enforcement Portal.
Grants access to the Subpoena submission portal that may be used to extrapolate personal information about any Facebook or Instagram user.

Below the announcement published by the threat actor on Breach Forums

“The following requests can be made through the portal:
 – Subpoena: Comprehensive information gathering that will give you access to all the data Meta has gathered on the target, including IP addresses, phone numbers, emails, direct messages, deleted posts*, device information, and more. Additional submission of fake papers will be required during the subpoena process. Court orders/search warrants, M.L.A.T.s, and seizure warrants (which may permit account takeover but have not yet been tested) are a few possible papers.

 – Emergency Data Request: Issued in situations where there is a significant risk to human life, this request type doesn’t require falsified paperwork but comes with a significantly lower success rate and less comprehensive information.

 – Post Removal/Account suspension: Applicable when a user’s post is in violation of any law, to any degree, where you may request that the user’s account be suspended or that their post be taken down.”

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Facebook)