Published: Thu, March 14, 2019
Tech | By

Facebook sues Ukrainian hackers who stole user info via personality quizzes

Facebook sues Ukrainian hackers who stole user info via personality quizzes

The BBC has contacted Web Sun Group for comment.

Facebook on Friday filed a lawsuit against two notorious Ukrainians for compromising the accounts of over 60,000 users of their website.

The apps scraped users' public info, like name, gender, age and profile picture, but also harvested private data like nonpublic lists of friends. "Who is your yang?" and "What kind of dog are you according to your zodiac sign?"

Facebook notes that it publicly announced the compromise around October 31st, which roughly matches the date of a BBC report revealing the private message breach, quoting Facebook blaming malicious browser extensions.

Matthew Tisdal, a senior network engineer for Pivotal IT says, "this malicious malware browser extension is in the background scraping data and giving the information that the hackers want to be able to sell on the black market".

Whether Facebook can expect any success from the suit is up in the air, given it can't compel Gorbachov or Sluchevsky to come to the United States to face trial.

It's been a roller coaster year for Facebook investors.

If this scenario sounds in any way familiar that's because Cambridge Analytica came under fire for similar practices in 2018 when it was discovered the company accessed tens of millions of Facebook user profiles after quizzes were taken by unsuspecting users.

"Friday, Facebook filed a complaint against two developers based in the Ukraine for violations of our policies and other United States laws by operating malicious browser extensions created to scrape Facebook and other social networking sites".

In this complaint, Facebook alleges that users "effectively compromised their own browsers" by installing extensions.

The scheme seemingly wouldn't have worked, however, if Facebook hadn't approved the hackers as developers who could use its Facebook Login feature.

The lawsuit accuses the pair of fraud and breach of contract and seeks monetary damages and a restraining order against the alleged hackers and their associates. Facebook allegedly spent more than $75,000 investigating the breach, which "interfered with and undermined Facebook's relationship with its users". In both cases, the defendants are overseas and seem unlikely to suffer serious consequences. These browser plugins offered personality quizzes to users on installation.

Like this: