Ferguson, who says he has spent some time analyzing the actions of the group, says that two lists of hacked Facebook accounts have been posted to the Pastebin file-sharing and posting service.
“The list entitled Part 1 appears to have been doing the rounds on various underground forums for the better part of a year. The second list entitled Part 2 by Team SwaStika is much more recent. The first evidence I can find of the accounts listed in Part 2 is only 19 days old”, he said in his latest security blog.
“A list with content exactly matching this second Pastebin post by Team SwaStika was uploaded to a compromised website by the better known group of hackers Group Hp-Hack. Group Hp-Hack is a Saudi Arabian hacker group that has previously gained notoriety in August of this year for defacing the websites of Joomla Canada and ethicalhackingcourses.com”, he added.
Ferguson goes on to say that the list of alleged Facebook logins uploaded to a compromised web server was created in Microsoft Word and has a creation date of 1st October 2011 – but was posted with the claim (in Arabic) that the list only represents 10% of the seven million accounts that were breached by Group Hp-Hack.
Infosecurity notes that, depending on which security forum you read, the numbers of Facebook accounts hacked in the two Team SwaStika lists – and the Hp-Hack list circulated on BitTorrent – seem to vary from several hundred thousands to several million.
Ferguson, meanwhile, says that he has informed the owners of the compromised server and advised them to remove the content, as well as passing the relevant information to Facebook’s security team.