Facebook sues Ukrainian hackers for spreading malware-ridden quiz apps

The defendants are accused of "scrapping" users' profile information

Facebook profile page

Facebook has sued two Ukrainian men for allegedly stealing personal data from the social network by infecting 63,000 users profiles with malware delivered via a set of personality quizzes.

The two men, Gleb Sluchesky and Andrey Gorbachov, are accused of operating four web apps that targeted Russian and Ukrainian users between 2017 and 2018.

According to a court document, filed on Friday, the apps offered personality quizzes, such as 'Who are you of modern vampires', a quiz based on the movie Twilight, and 'Who are you from the past', a quiz to match users with historical figures.

The apps used Facebook's login feature, promising to use limited information, but it would then direct users to download a browser plugin. This extension was used to then infect the a user's profile with malware, removing personal and public information from the page and replacing Facebook-approved ads with the hacker's own. By being listed as approved developers by Facebook, the hackers were effectively given the scope to exploit the Facebook Login plugin. 

"In 2017 and 2018, defendants Gleb Sluchesky and Andrey Gorbachov, operated fraudulent web applications designed to deceive their users into installing malicious browser extensions," the court paper stated.

"The malicious extension enabled defendants to "scrape" information from the app user's social media profiles and inject advertisements when the app users visited different social networking sites, including Facebook."

This means, specifically, that the two men harvested the app user's publicly viewable information, such as their name, age, gender and profile picture, and even private information uch as their 'friends' lists.

In 2018, following an investigation, Facebook deleted all accounts linked to the two men, but by then they had infected approximately 63,000 browsers and caused over $75,000 in damages to Facebook.

According to The Verge, the time that Facebook first announced the data breach matches reports of a breach to private messages from November 2018, which suggests the pair are linked to that breach. In that incident, some 81,000 Facebook users had their private messages published online, with a broker to access the profiles for as little as 8p per account.

This is further fallout from a disastrous 2018 for Facebook, which began with revelations of the Cambridge Analytic scandal. The root of that particular controversy was also third parties creating personality quizzes with hidden motives. But on that occasion, it was data harvesting for political motives.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Most Popular

School laptops sent by government arrive loaded with malware

School laptops sent by government arrive loaded with malware

21 Jan 2021
SolarWinds hackers hit Malwarebytes through Microsoft exploit

SolarWinds hackers hit Malwarebytes through Microsoft exploit

20 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021