Conspiracy Theories About Facebook Outage Spread Even Without Facebook

Some people believe the hourslong outage may be linked to a supposed data breach that is, most likely, actually a scam.
October 4, 2021, 8:29pm
facebook
Image: Chip Somodevilla/Getty Images

Facebook, as well as WhatsApp and Instagram, have been gone from the internet for hours. 

Internet users, obviously, are freaking out. Facebook has said very little about what is actually happening, but the outage is currently seemingly affecting only Facebook and its services. Many experts believe it to be related to issues with internet infrastructure, specifically DNS and BGP.

Short for for Domain Name System, the DNS is a service that allows the internet to run by translating domains such as Facebook.com into IP addresses and vice versa. For some unknown reason, Facebook's DNS records, as well as BGP records, are gone from the internet. BGP (Border Gateway Protocol) is the system that figures out the best route for a packet to travel across the internet.

In this information vacuum, however, conspiracy theorists have begun speculating that this is a massive hack, that it’s tied to Sunday night's “60 Minutes” episode in which a Facebook whistleblower said that Facebook is intentionally misleading the public and the government on its efforts to curb hate speech and misinformation, or is otherwise related to Facebook's recent problems in the news. 

A music studio recording business posted a screenshot of what look to be a bunch of DNS addresses on Twitter and speculated that Facebook is gone forever, which quickly went viral with literally no context whatsoever. The screenshot appears to be stolen from another Twitter account called KillFearNY, which describes itself as a creative and sports agency.

One of the most popular theories has centered around a supposed hack that resulted in 1.5 billion Facebook records being sold on a hacking forum. In this version, people are pointing to a September 22 post from a supposed company called X2Emails which has "more than 1.5b Database of Facebook these database scraped this year and 100% emails are included and phone as well" and is somehow connected to today's outage.

This theory doesn't even pass the smell test, though. The person who posted the advertisement doesn't even pretend the data was stolen from Facebook. The post says it was "scraped," and it only contains: "We only have these fields : Emails , Gender , Location , cities , dob , phone numbers , names , uid." Scraped databases of Facebook users show up all the time and have little or nothing to do with any sort of hack.

Screenshot

Screenshot of Raid Forum post. (Image: Motherboard)

What's worse—or better depending on your point of view—is that it's very likely that this is all a scam anyway. 

Another user in the forum thread alerted others not to trust the seller.

Advertisement

"Scammer. Only sends [a sample of] 20 users. There is no more. Doesn't accept escrow(moderator). But he expects you to believe in 20 samples and send $5,000.  Instead of 1.5 billion, I think there are 150 users of data for social engineering.  "

Aric Toler, a researcher at Bellingcat, was one of the first ones to report that people should be cautious and not take this at face value. 

The fact that some wannabe hacker advertises scraped data on a hacking forum that anyone can access is nothing new. It happens every other week. Sometimes, hackers who post on Raid Forums do have real hacked data, but sometimes they’re just trying to scam other users.

Even other forum users are not taking it seriously.

"Hahahaha 600 TB of Mark Zucker burger selfies :D," one user posted in a chat. 

Facebook could not be reached for comment because of the outage, which nonetheless has seemingly caused mass chaos not just online but offline, too. Reporters at the New York Times, for example, have noted that Facebook employees have been unable to get into certain buildings. Facebook employees have also had to communicate with each other using secondary messaging services like Discord and Zoom

In January of this year, Motherboard reported on a real incident where attackers scraped Facebook, obtaining a database of 500 million accounts. That database included phone numbers of people who actively tried to keep that information private. Two months later someone dumped the database on a hacking forum, according to reports at the time.

We're still not sure what's happening at Facebook, and an outage of this severity and length is unprecedented in Facebook history. There may very well be a very interesting explanation for the outage, but we simply don't know enough to say what caused it yet. One thing we’ve learned, though, is that conspiracy theories can spread across the internet just fine without Facebook.

Subscribe to our new cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.