In today's digital age, cybercriminals are always coming up with new ways to trick people and make a quick buck. One of the common trends involves hackers stealing Facebook accounts and then selling them to affiliate marketers and advertisers.
In this article, we'll take a deep dive into how this sketchy business works, looking at the sneaky tactics hackers use to break into accounts and the different ways they make money from them. We'll also explore some alternative methods for making money from hacked accounts that don't involve breaking the law.
How hackers steal Facebook accounts
The process of stealing Facebook accounts usually starts with hackers pretending to be popular AI companies or products. They create posts, promising users access to cool features and exclusive perks. To reach as many people as possible, these hackers use Facebook ads to target folks who might be interested in the AI stuff they're promoting.
When someone clicks on the ad link, they're taken to a website or landing page that looks legit. The landing page shows you a download button where you can download the software and install it on your computer. The file is usually a RAR file:
What the user doesn't know is that clicking the link starts downloading a compressed .rar file. This file is made to look harmless, often disguised as a software installer or a bunch of resources related to the AI product being advertised.
The user, trusting the source of the download, goes ahead and extracts the contents of the compressed file. That's when the true nature of the file is revealed.
Inside the extracted files, the user finds a .msi file, which is a Windows installer package. However, this installer is not what it appears to be.
Hidden within the .msi file is a dirty surprise - a piece of malware that the hackers have carefully crafted to carry out a range of bad activities on the victim's device. The unsuspecting user, thinking they're installing a real software program, unknowingly gives the malware access to their system.
Once the malware is installed, it gets to work. Depending on what the hackers want to achieve, the malware can do all sorts of bad things. It might steal login details, hijack browser sessions, or even lock up the victim's files and demand a ransom payment. The malware may also set up camp on the system, allowing the hackers to maintain long-term access and control over the compromised device.
With the malware doing its thing, the hackers can easily break into the victim's Facebook account. They can use the stolen login details or hijacked browser sessions to log into the account and take control of it. In many cases, the malware may also target the victim's Instagram accounts, giving the hackers access to a wider network of social media profiles.
These hacked Facebook and Instagram accounts become valuable goods on the black market. Hackers often sell them to marketers and advertisers who are eager to exploit the accounts' established user base and the trust associated with them. The people who buy these stolen accounts can then use them for all sorts of sketchy purposes, like spreading spam, promoting fake products, or running phishing scams targeting the accounts' followers and friends.
Other tactics hackers are using to steal Facebook accounts
Apart from promoting fake software, hackers have been noticed to use these strategies:
1. Pretending to be official Meta representatives:
Here hackers pretend to be representatives from Meta and create fake accounts that DM users with severe warnings about copyright issues or the security of their accounts.
The DMs always contain a link that sends the users to a webpage where they can resolve the security problems of their accounts.
On that webpage, they add a login page similar to that of FB or Instagram and ask the users to enter their login details so that they can know which account it is and continue to solve the issue. But if you look carefully, the URL is not an official Meta URL:
This technique deceives many users, especially those with big Instagram accounts, and afraid of losing their accounts. They fall for this and end up giving away their credentials to hackers and losing their accounts.
2. Using adult content as a trap to lure in users:
Hackers now also post screenshots of adult content on Facebook with a link to watch the content. They tag very many accounts to increase the reach of such posts. If they get you at a bad time when you can easily be lured into watching adult content, you might end up clicking the links.
The link leads you to a page with adult content. Something like a tube site.
When a user tries to click to watch one of these videos. They are redirected to another page.
The page asks you to log into your Facebook account so that you can watch the films.
You can see the page looks exactly like Facebook’s login page, but if you look closely, you can see the URL is different. If you fall for it, then your credentials will be taken and your account will be stolen by the hackers.
How hackers make money from stolen accounts
Once hackers have successfully stolen Facebook accounts, they use different methods to make money.
1. Ransomware
One common approach is to use ransomware. By infecting victims' computers with malware that locks up their files, hackers can demand a ransom payment in exchange for the key to unlock the files. This method takes advantage of the victim's desperation to get their important files back, like work documents, family photos, or crucial business data.
Ransomware attacks have become more advanced and targeted, with hackers using stolen Facebook account information to personalize their ransom demands. They might use the victim's name, location, or social connections to make the demands seem more real and urgent. The ransom notes often threaten to delete the data forever or expose sensitive information if the payment isn't made within a certain time. The mental pressure from these tactics can be huge, leading many victims to pay the ransom out of fear and desperation.
2. Using the hacked computer as a proxy server
Another way hackers make money is by using the hacked computers as proxy servers. These proxy servers are then sold to residential proxy providers, who sell access to them to people or groups who want to hide their online activities. By routing their internet traffic through these hacked devices, users can mask their real IP addresses and locations, making it hard to trace their online movements back to them.
Using hacked machines as proxy servers allows cybercriminals to engage in all sorts of illegal activities while staying anonymous. They can fake ad clicks to inflate ad revenue, send spam emails, or run phishing scams, using the trust associated with the hacked accounts to trick people into giving up sensitive information or downloading more malware.
These proxy servers can also be used to get around geo-restrictions and access content or services that might be blocked in certain countries. This is especially valuable for people who want to do things like online gambling, access pirated content, or bypass government censorship. There's a big demand for residential proxy servers, and hackers can make a lot of money by selling access to hacked machines.
3. Clipboard hijacking
Clipboard hijacking is another sneaky technique used by hackers to exploit hacked accounts. This method involves replacing the cryptocurrency addresses copied by users with the hacker's own addresses. When a user tries to make a cryptocurrency transaction and pastes the address from their clipboard, the money is accidentally sent to the hacker's wallet instead of the intended recipient. This technique takes advantage of users not paying close attention during cryptocurrency transactions, as they may not double-check the pasted address before confirming the transfer.
Clipboard hijacking can be particularly effective because it targets users who are already familiar with and engaged in cryptocurrency transactions. These users may feel a false sense of security, assuming that their copied addresses are accurate and trustworthy. Hackers can exploit this trust by changing the clipboard contents in real-time, making it hard for users to spot the manipulation. As a result, large amounts of cryptocurrency can be stolen without the victim knowing, leading to big financial losses.
While not as common due to the need for powerful graphics cards, crypto mining can still be a profitable way for hackers to make money when done on a large scale. By infecting many computers with malware, hackers can combine the computing power of these devices to mine cryptocurrencies. Crypto mining malware often runs in the background, using up system resources without the user knowing.
How much money hackers can make from crypto mining depends on several factors, like the specific cryptocurrency being mined, how efficient the mining algorithm is, and the cost of electricity in the targeted regions. Hackers may focus on mining cryptocurrencies that are more profitable or have lower mining difficulty to maximize their potential earnings. They may also target countries with cheaper electricity to keep their costs down.
To scale up their crypto mining operations, hackers may use different techniques to infect a large number of devices. They may use phishing emails, malicious websites, or exploit software vulnerabilities to spread their malware. Once a device is infected, the malware may spread to other connected devices on the same network, quickly increasing the number of hacked machines.
4. Stealing login credentials
Cybercriminals may also target software applications and online platforms to steal users' login details and session information. Popular targets include streaming services like Netflix, Spotify, communication platforms like Discord, and gaming accounts. By getting access tokens and login details, hackers can exploit these hacked accounts for various purposes.
One common way to make money is to sell hacked accounts on the black market. Hackers may offer access to premium accounts, such as those with extra features or subscription benefits, at a much lower price than the official cost. People who buy these accounts can then enjoy the premium features without paying the full price, while the hackers make a profit from the sale.
Alternatively, hackers may use the hacked accounts for their own purposes, such as live streaming or gaming. They can use the account's established reputation and user base to attract viewers or participants, potentially making money through donations, advertisements, or in-game purchases. This method allows hackers to directly make money from the hacked accounts, without needing intermediaries or buyers.
Q&A with Anastasiya from Flex&Pro
To get more insights on the matter, we held a Q&A with Anastasiya from Flex&Pro, an agency that buys and sells ad accounts for several advertising networks.
Q: Is it true that there are some account resellers/ agencies that work with hackers to access ad accounts, which they resell to affiliates?
A: Yes it is true. A lot of Vietnam agencies, for example, work with what we call “logs”. These are hacked accounts of real people.
I won’t mention them because that is their business.
Q: And how do reputable agencies get accounts?
A: Taking Facebook ad accounts as an example, all reputable agencies obtain accounts from the following sources:
- Ad accounts created in Business Managers that have the status of Meta Business Partner and have a Credit Line. These ad accounts are stronger than ordinary ad accounts. The owners of these verified Business Managers split traffic between different tiers of countries, such as Well-Developed Countries (WH), Gateway Countries (GH), and Brick Countries (BH).
- Ad Accounts created by META Authorized Sales Partners (ASP). These accounts have high reliability and direct access to moderation and META support. However, when using these accounts, advertisers must strictly adhere to the advertising policy, and non-compliance may result in the termination of the partnership.
- Advertising accounts created by the Business Managers of companies that are verified for various geos where it is allowed to advertise cryptocurrencies, finance, gambling, and dating. These geos include agencies from Latin America (Argentina, Chile, Brazil), Vietnam, and Africa (Nigeria).
In all cases, reputable agencies go through a strict onboarding procedure to establish a partnership. The affiliates we give our accounts to are required a high level of expertise, skills, and abilities. Additionally, Flex Pro accounts have a high entry point for advertising, initially starting from $350,000 to $500,000 per month.
Ethical ways to access Facebook Ad accounts as an affiliate marketer
When it comes to accessing Facebook Ad accounts as an affiliate marketer, it's important to do it in a way that's fair and respects the rights of the account owners. Instead of doing anything illegal or sneaky, there are better ways to go about it that benefit everyone involved.
- Working with reputable agencies: The best way to access ad accounts is by working with reputable agencies and resellers who are known in the industry. You can get connections to such ethical resellers in premium affiliate networks and industry events. Reputable agencies that go further to sell access to trusted agency accounts are the best in the industry.
- Working with real account owners: Another ethical way is to work together with real account owners to promote products and services. Basically, you ask the account owner if you can use their account to advertise and earn a commission on any sales that come from it. This is called a partnership account, and you can find people who are willing to do this on trustworthy affiliate marketing forums.
Ethical affiliate marketing means being honest and making sure everyone gets paid fairly. The account owner keeps control of their account and gets paid for letting you use it. As an affiliate marketer, you get access to their audience and have the chance to make more sales. And the products or services being promoted get exposure to the right people. It's a win-win situation where everyone benefits, and you don't have to deal with stolen accounts.
- Using influencer marketing: Another ethical way to make money from other people's accounts is by tapping their audiences through influencer marketing. You can work with influencers who have a lot of followers and ask them to promote your products or services on their account. The idea is that the influencer gets paid for featuring ads on their account, and you get to reach a larger audience and make more sales.
The key to doing this ethically is to be open and honest about the partnership. Make sure the account owner or influencer is getting paid fairly for their involvement. This builds trust with them and their followers. There are different ways to work with influencers, like having them make sponsored posts, do product reviews, or share affiliate links. The influencer can create content that connects with their followers and shows off the products or services in a way that gets people interested. By leveraging the trust and relationship between the account and its audience, the influencer can help you generate engagement and sales.
Conclusion
The business of stealing and selling Facebook accounts is a major threat to people's privacy, security, and financial well-being. Hackers are always finding new ways to exploit vulnerabilities, so it's crucial for us to take action and protect ourselves against this cybercrime.
By understanding how this blackhat business works, from the process of account theft to the various monetization strategies used by hackers, we as affiliate marketers can develop strategies to prevent and reduce the impact of compromised accounts. We have this power because we are the buyers, sitting at the end of the entire chain
But it's not just about fighting against the bad guys. It's also important for us to explore ethical ways to access advertising accounts. By doing so, we can prioritize the rights and interests of account owners and contribute to a more sustainable and trustworthy online ecosystem.
