Facebook on Friday, March 8, filed a lawsuit against two Ukrainian app developers for allegedly using quiz apps in combination with browser add-ons to scrape data from unsuspecting social media users and inject ads onto their News Feeds.
"In total, defendants compromised approximately 63,000 browsers used by Facebook users and caused over $75,000 in damages to Facebook", the company claims in its civil complaint, citing the cost of rooting out the activity. That allowed the developers to scrape information from a user's page as well as those of any friends to whom they were connected on the social networking site.
The bait for the malware was that catnip for simpletons, the personality test. Users were encouraged to log in via Facebook before downloading the malicious browser extension which stole publicly visible information and private friend lists. The quizzes often featured such headlines as: "What kind of dog are you according to your zodiac sign?", according to CNN. Last year, the BBC questioned whether Facebook had been proactive enough in addressing the malicious plugins.
"Friday, Facebook filed a complaint against two developers based in the Ukraine for violations of our policies and other United States laws by operating malicious browser extensions created to scrape Facebook and other social networking sites".
The report comes as Facebook CEO Mark Zuckerberg has emphasised the importance of personal messaging apps.
Facebook in his statement of claim says: Scam name is Andrey Gorbachev and Gleb Sluchevsky.
"Defendants used the compromised app users as a proxy to access Facebook computers without authorisation", Facebook said.
From the implications of the lawsuit, Facebook may have allowed these hackers into their network by approving them as developers. Facebook discovered their scheme "through an investigation of malicious extensions", and it suspended all the accounts around October 12th 2018, then contacted browser makers to make sure the applications were removed.
Malicious quiz apps were used to harvest thousands of users' profile data, according to Facebook. But the suits give Facebook a chance to defend itself against charges of being lax with privacy and security, explaining how users have been victimized by hackers - not the platform itself.