The Latest in IT Security

Does Facesnoop Really Hack Facebook Accounts?


We came across a supposed hack-tool called “Facesnoop” this week.

The author uses YouTube videos to promote his software.

Facesnoop YouTube

Facesnoop 2 was released sometime recently and claims to have “ACTUAL video proof” that it works.

Facesnoop 2 YouTube
(ACTUAL must be better than actual.)

The video depicts the “hacking” of an account belonging to a young woman named Kristen.


We think Kristen is just a sockpuppet account, so we’ve blurred the profile picture.

Once you’ve watched the Facesnoop video, and decide to download, you’re directed to open a webpage at ShareCash.Org, which prompts you to fill out Cost Per Action (CPA) affiliate marketing surveys. (Offers from the usual CPA suspects. This is how Facesnoop monetizes his software.)

There’s a problem though.

This is what happens when you launch Facesnoop 2:

Facesnoop GUI, error

You get an “Unhandled Access Violation” exception that claims there is a “Net Framework 2.0 missing library”. Most people probably click on the “Check For Updates” button at this point, and that opens a webpage requesting even more CPA surveys to be filled out.

Facesnoop’s Facebook page has several complaints about this.

Facesnoop Facebook Page
(Seriously, who complains about a Facebook hack-tool failing to work on a Facebook Page???)

The Facesnoop author has created a newer page, and it opens to the Info tab to avoid visible complaints.

Facesnoop Facebook Page

All of the people complaining about the error shouldn’t really be surprised though.

Examining the properties of the executable shows that it was designed to fail.

Facesnoop 2.exe Internal Name

Look: the Internal Name of the file is “Facesnoop 2 error.exe”.

This isn’t a hack-tool – it’s a fraud-tool.

You can see more details in the executable’s code:

Facesnoop 2 Hiew
(SHA-1: 2862de8e506414589b923f8faa49bf8fc81238e2)

E:\Nicolas\Code\fn2 error\Facesnoop 2 error\.

Nicolas? Hmm, where have we seen that name before?

Oh yes, the first video’s sockpuppet “victim” was called Hayley.


And the Hayley account has a friend named Nicolas.


And the Nicolas account just happens to “like” Facesnoop. Is it the hack-tool author himself?

We don’t know for sure.

All we do know, whomever Nicolas is really. he thinks you’re a sucker.

Leave a reply


SUNDAY, JULY 03, 2022

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments