Facebook Inc. housed dozens of cybercriminal groups that set up shop on the platform as online marketplaces to sell a variety of illegal services, such as stolen credit card information, account theft and spamming tools, a team of researchers found.
Cisco Systems Inc.’s Talos security unit uncovered 74 groups with names like "Spam Professional" and "Facebook hack (Phishing)," it said in a blog post published Friday. Those online marketplaces, which counted about 385,000 members, were quite easy to locate for anyone with a Facebook account, the group said. Once a person joined one such group, Facebook’s own algorithms would often suggest similar groups, making criminal hangouts easy to find, according to Talos.
Facebook confirmed that the groups, some of which Talos said had been on the platform for as long as eight years, have been removed.
"These groups violated our policies against spam and financial fraud and we removed them. We know we need to be more vigilant and we’re investing heavily to fight this type of activity," Facebook said in a statement.
The revelation of cybercriminal activity adds to the mounting security and privacy concerns surrounding Facebook. Earlier this week, researchers at cybersecurity firm UpGuard found troves of user information inadvertently posted publicly on Amazon.com Inc.’s cloud computing servers.