You guys are discussing something different than the original question. The original question asked for a million username/passwords, not a million valid email addresses.
Let's say we get across the verification stage and we find these are valid usernames/passwords at the time and there's no issues with logging in from a different ip or someone found a way around that (mobile). What could we do with a million valid logins? We could check all of the users for duplicate passwords on other sites. Most especially hoping for emails duplicates. Then attack accounts with valid card credentials and no more verification than a password like Amazon. We can crawl it for business accounts or business users we'd like to attack. ->Business accounts for attacking the company's name ->Individual users for attempting to bait them into a better spear phish by abusing their friends We could use it for massive profile spamming by having them post a link somewhere. We could use it for a drive-by campaign by using the same as above, but linking to our own malicious site. We can download their entire facebook lives at the click of a button including private messages, private files, etc. Popperazzi asses can use it to attempt to find celebrities and print out their entire lives to the world. Private photo leaks and all that. Or just drive-by campaign again using celebrity posts about female private nude pictures available at, free music available at, free movie x available at, etc. In fact, a better way to sell it would be to find businesses or high rated people so you can say dump includes: x business with 2k friends y celebrity with 10k friends z musician with 3k friends Instead of just a million individual regular users, that would get more traction on the sales end. All in all, I think it would be best to sell it in bulk or searchable deals. Have an interface search to see if a name is available in the dump then offer individual prices. Or list out the accounts with the most friends. $5 for a regular individual and then have quantifiers for friends of celebirty, business, musician, etc. accounts. $50 * k, where k is the thousands of followers. Then offer bulk rates at 10k regular individuals each for $300-$500. The more you do your own research on what you have, the more profit you could make out of it. On Wed, Oct 31, 2012 at 10:23 PM, <[email protected]> wrote: > Not a whole lot it would seem... > > > http://www.forbes.com/sites/andygreenberg/2012/10/25/facebook-investigating-how-bulgarian-man-bought-1-1-million-users-email-addresses-for-five-dollars/ > > Ramo > > On Thu, Nov 01, 2012 at 12:37:13AM +0530, Memory Vandal wrote: > > You buying or selling? > > > > MemoryVandal > > > > > > On Wed, Oct 31, 2012 at 10:03 PM, Georgi Guninski <[email protected]> > wrote: > > > We are discussing this question: > > > > > > How much a million facebook passwords + lusernames would cost? > > > > > > > > > _______________________________________________ > > > Full-Disclosure - We believe in it. > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (GNU/Linux) > > iQEcBAEBAgAGBQJQketPAAoJEAXQWoW8lug/oDAH/Rr1qSGeYVPrXULOFcxCiSjV > UperpZnrFlpBT4OOXQ0CfP45EUcnmTG6Nd5zcM2hLkvnd1mBWx4/PlYsKvqtqSnS > nvA1j5IyQeyX7X6kXEoIayNbgHBwrXYuIB6YtQw0np1rmLbLlRQG9Xb98fBLHI/9 > WeP1uYvEM+4oPIJhh117BimzLGQ0nLymFyiqdXruzFiUHm9rlyTgKXxqij8sij/1 > fIO5T2R9OAnwMppy+Nx8bfZbh6M5N2UdF9NyQiuwNjydGsQMy5lfbaZUsupQc2hh > UmRc18hEbe82diEoTkMMSfCt3S1fgmQMSaDocuXVJFcbUTsc85N2JJzbRAzBVKU= > =RAq9 > -----END PGP SIGNATURE----- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
