Facebook shuts down Albania Pirate Group, after stolen passwords shared

Kuala Lumpur, Malaysia, November 13, 2012 –It's easy to understand how hacking groups, involved in undercover cybercrime, might want to keep their activities hidden from the-powers-that-be and law enforcement agencies, and conduct their crimes in secrecy.

Which makes it all the more surprising when you stumble across a group apparently engaged in stealing and sharing login passwords for third party systems, doing so not just on a public-facing website, but on a page hosted by the world's biggest social network.

A gentleman who works at a Yorkshire-based security company, contacted Sophos last week to tell us about a particular Facebook page they had stumbled across belonging to the Albania Pirate Group.

 On its Facebook page, 600+ fans and members of the Albania Pirate Group were sharing RDP (Windows Remote Desktop) logins, giving hackers unauthorised access to computer systems, and what appeared to be compromised banking details.

The potentially sensitive information was free for anyone to view, even if you hadn't "Liked" the page.
Curiously, the Albania Pirate Group has a similar logo to the Kosova Hacker's Group, who breached servers belonging to the US National Weather Service last month.

Sophos contacted Facebook, and within the hour the social network's security team had closed down the page.

Said Graham Cluley, senior technology consultant at Sophos, “Remember that pages and groups on Facebook are not pre-vetted, and anyone can create a page with ease and use it for illegal purposes. If you stumble across a Facebook page that you believe is involved in law-breaking or breaches the terms and conditions of the site, you should report it to Facebook.