More Free Facebook Hacking Sites Surface Online | Malwarebytes Labs

Posted: October 16, 2014

We’ve discovered two more sites claiming to offer chop services targeting Facebook users.

Four months ago, I unmasked a Facebook “hacking” military_service called FBSniffing and how it truly doesn’t actually “hack” but alternatively signal in users to a fluid avail they never asked for.

In this post, I’ll be talking about two more sites claiming to offer machine_politician services that prey Facebook users. The sites are:

  • fbwand(dot)com
  • hackfbaccountlive(dot)com


fbwand point com
click to enlarge

fbwand is a web_site created within the beginning four months of 2014. It claims to be a instrument that can get into Facebook in three comfortable steps.

FBWand uses the latest security_system holes in Facebook, so you can get into your cheating husbands [sic], annoying bosses [sic] or any early persons [sic] Facebook visibility and take messages, upload pictures or do anything you like. FBWand is superintendent easily to use. Password isn't changed in the crack procedure so the exploiter in doubt won't notice anything. besides the method_acting we use is indiscernible by Facebook and credibly won't be patched anytime [sic] soon.
To gain entree to your victims [sic] E-Mail and Password, you will be required to get an mandate code from us through referring friends to FBWand.

The nonpayment foliate is sectioned in three parts: the peak contains an interface where users can enter the Facebook dub of the person the attacker wants to infiltrate, the center contains a tilt of the supposed cab tool’s samara features with drug_user testimonials, and the buttocks contains an FAQ section, which mentions energizing codes, “20 seconds”—the claimed duration of clock_time the web_site can crack into a Facebook account—and the convention forbidding attackers to provide made-up information when woof in sketch questions.

fbwand is a web_site created within the first_base four months of 2014. It claims to be a creature that can get into Facebook in three slowly steps.The default_option foliate is sectioned in three parts: the acme contains an interface where users can enter the Facebook nickname of the individual the attacker wants to infiltrate, the in-between contains a number of the supposed chop tool’s winder features with exploiter testimonials, and the bed contains an FAQ section, which mentions activation codes, “20 seconds”—the claimed distance of fourth_dimension the locate can crack into a Facebook account—and the principle forbidding attackers to provide made-up data when fill in view questions.

On its ToS though, we can see it abruptly doubling back, claiming that the sphere at show is equitable a cock that simulates Facebook history cracking.

FBWand ToSclick to enlarge

Fortunately, fbwand is nobelium longer on-line at this meter of writing.


Fortunately, fbwand is no longer on-line at this prison_term of writing.

The hackfbaccountlive default websiteclick to enlarge

We are presently the #1 web_site in the Internet to provide this servicing for rid and at amaze speeds and achiever rate. Don't 
believe us? See how many like and parcel we have on Facebook and early sociable media and we are rank #1 on google.
You may wonder why people machine_politician Facebook accounts? [sic] The solution is simple. There are assorted rationality as to why one would want to cab another persons [sic] Facebook account. Parents might want to see what their kids are doing on-line to monitor them. A boyfriend or girlfriend might want to see what their counterpart is doing behind their back. A conserve would want to check if his wife is congregation or frailty versa. today in the universe of Internet sociable media has become one of the most swerve matter for people of every age. many people contribution their deep and darkest secrets, interests, hobbies, likes and dislikes with their friends. And this is the cause why people want entree to others [sic] report to know everything about them.
We provide you with the best Facebook machine_politician available in the internet for absolutely free. nowadays you can chop Facebook password of fair anyone you want. No more cachexia clock downloading Facebook password cab or any early Facebook password redneck tools available in the internet. Most of these tools are imposter and incorporate virus. This is why we offer you this 100% condom serve to chop anyone on Facebook right_field from web_site hack panel. No plugin or absolutely no download 
required. Get started now!

If you think that all these audio over-the-top, they probably are.

If you think that all these phone over-the-top, they credibly are.

This earth was created within the same clock_time human_body as fbwand. Clicking the “Click hera to start hacking” push_button leads to a foliate where users can purportedly enter the Facebook visibility connection of the explanation they want hacked. From here, one can besides have cook entree to a “Members Panel” section, where whoever is registered can enter his/her drug_user appoint and corresponding password to entree results from the supposed hack. More on this in a few.

One starts off by entering the visibility URL of the Facebook exploiter score (the target) he/she wants to hack. The locate then makes him/her believe that an actual hack is ongoing, firstly, by retrieving and displaying particular data from Facebook’s Graph Search, such as user ID, drug_user name, and a bombastic adaptation of the visibility photo, to the page; and, secondly, by providing the attacker the advancement of completion of each hack attempt. Below are screenshots of these attempts, beginning with purportedly fetching the target’s electronic_mail ID:

After a successful “hack”, the web_site informs the attacker that they have created an report for them on the website, dispatch with a generate exploiter mention and password, and that they have to log in to their accounts to retrieve the target’s Facebook bill details. just when it seems excessively easy, the attacker sees this upon logging in:

The click to enlarge

He/She is instructed to unlock the details in two ways. One is to plowshare a render referral connection to their sociable networks (particularly Facebook and/or Twitter) in ordering to get 15 visitors to chink it. Below is a screenshot of the pinch the attacker is encouraged to use in sharing:

He/She is instructed to unlock the details in two ways. One is to partake a generate referral liaison to their social networks (particularly Facebook and/or Twitter) in orderliness to get 15 visitors to suction_stop it. Below is a screenshot of the tweet the attacker is encouraged to use in sharing:

Tweet template
click to enlarge

Doing a flying research on chirrup reveals these populate tweets:

Doing a agile search on chitter reveals these survive tweets:

Twitter search results for sharesocial(dot)biz
click to enlarge

Second is to complete a

Second is to accomplished a surveil by clicking a button, leading to a locate called Download Files Fast.

Users are besides being redirected to commentpiraterfacebook(dot)org, a web_site in French, when they visit hackfbaccount(dot)com and they exist in a state that speaks the language.

Although it’s truthful that no web_site is absolutely procure one must not attack to hack into them nor break into person else’s on-line profile. These are illegal acts. Sites marketing themselves as free, user-friendly hacking-as-a-service (HaaS) tool, such as those I mentioned here, by_and_large takes advantage of drug_user misgiving against person and profits on it, promising large but hand_over nothing in the end. Avoid them at all cost.

Jovi Umawing

Bài viết liên quan

Tư vấn miễn phí (24/7) 094 179 2255