Facebook Sues a Browser Extension Maker for Stealing User Data
Image Courtesy of Pixabay
  • Facebook takes legal action against two Ukrainian developers for creating Facebook apps to harvest sensitive user data.
  • According to the lawsuit, the apps would collect public as well as non-public user data.
  • The app, which is circulated as a browser extension, has been downloaded over 63000 times.

On March 8, Facebook filed a suit against two Ukrainian developers, Gleb Sluchevsky and Andrey Gorbachov. According to the legal documents, they have been sued for creating Facebook apps to harvest user data and then injecting ads into the users’ timeline.

It turns out, that both individuals ran at least four web apps which revolved around providing quizzes on various topics. The apps were advertised on Facebook but hosted through a multitude of different third-party websites including supertest.name, fquiz.com, megatest.online, and so on.

All these tests were targeted towards Russians, or more specifically- the Ukrainian-speaking demographic. As such, it sported culturally alluring topics to entice unsuspecting users. Quizzes like “Do You Have Royal Blood?” or “You Are YIN. Who is Your Yang?” were mainly asked.

funnytest.pro
Source: funnytest.pro

Once a user came to their website, they were prompted to “enable push notification” on their browser. Doing so prompted them to install a malicious browser extension. As of now, the extension has been downloaded over 63000 times and is available via three official browser stores.

Once installed, the extension could scan the user’s profile and harvest public as well as non-public data. All collected data will be then sent off to servers in the Netherlands which were under the suspect’s control.

According to Facebook, the developers used the data to post authentic looking targeted-ads on the victim’s timeline. In fact, according to Facebook, multiple other social networking platforms have been compromised as well, but their names were not cited in the legal documentation.

Facebook also added that the “Defendants used the compromised app users as a proxy to access Facebook computers without authorization.” As such, the social media giant is currently demanding an injunction and restraining order for the two developers, barring them from creating any more apps that target Facebook users.

The company has also requested financial relief for the efforts they put into investigating the defendants’ operations along with restitution of any funds the two made throughout the scheme.

So what is your take on the current situation in how Facebook is handling the situation? Write about your concerns or opinions in the comments below. Also, if you have friends and family in Russia, the make sure to share this news through your social channels like, Facebook and Twitter.