Facebook sues Ukrainian hackers for spreading malware-ridden quiz apps

The defendants are accused of "scrapping" users' profile information

Facebook profile page

Facebook has sued two Ukrainian men for allegedly stealing personal data from the social network by infecting 63,000 users profiles with malware delivered via a set of personality quizzes.

The two men, Gleb Sluchesky and Andrey Gorbachov, are accused of operating four web apps that targeted Russian and Ukrainian users between 2017 and 2018.

According to a court document, filed on Friday, the apps offered personality quizzes, such as 'Who are you of modern vampires', a quiz based on the movie Twilight, and 'Who are you from the past', a quiz to match users with historical figures.

The apps used Facebook's login feature, promising to use limited information, but it would then direct users to download a browser plugin. This extension was used to then infect the a user's profile with malware, removing personal and public information from the page and replacing Facebook-approved ads with the hacker's own. By being listed as approved developers by Facebook, the hackers were effectively given the scope to exploit the Facebook Login plugin. 

Advertisement - Article continues below
Advertisement - Article continues below

"In 2017 and 2018, defendants Gleb Sluchesky and Andrey Gorbachov, operated fraudulent web applications designed to deceive their users into installing malicious browser extensions," the court paper stated.

"The malicious extension enabled defendants to "scrape" information from the app user's social media profiles and inject advertisements when the app users visited different social networking sites, including Facebook."

This means, specifically, that the two men harvested the app user's publicly viewable information, such as their name, age, gender and profile picture, and even private information uch as their 'friends' lists.

In 2018, following an investigation, Facebook deleted all accounts linked to the two men, but by then they had infected approximately 63,000 browsers and caused over $75,000 in damages to Facebook.

According to The Verge, the time that Facebook first announced the data breach matches reports of a breach to private messages from November 2018, which suggests the pair are linked to that breach. In that incident, some 81,000 Facebook users had their private messages published online, with a broker to access the profiles for as little as 8p per account.

This is further fallout from a disastrous 2018 for Facebook, which began with revelations of the Cambridge Analytic scandal. The root of that particular controversy was also third parties creating personality quizzes with hidden motives. But on that occasion, it was data harvesting for political motives.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
cyber security

If not passwords then what?

8 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020