Malicious quiz app developers sued by Facebook

News by Bradley Barth

Facebook has filed a lawsuit against two Ukrainian men accused of creating fraudulent quiz applications that tricked users into installing malicious browser extensions. These extensions allegedly scraped information from users’ social media pages and injected unapproved advertisements when users visited various social networking sites, including Facebook.

As reported in The Verge, Facebook filed the suit on 8 March in Northern California court against Kyiv, Ukraine residents Gleb Sluchevsky and Andrey Gorbachov. In its filing, the social media giant says that from 2016 to 2018, the defendants used aliases to operate and distribute a series of quiz apps that were made publicly available for download via the web.

These four apps – called "Supertest," "FQuiz," "Megatest" and "Pechenka" – allegedly encouraged users to download browser plug-ins that were secretly designed to steal names, genders, age ranges, profile pictures and private friend lists from numerous social media sites.

Examples of the quizzes, which primarily targeted Russian and Ukrainian users, included "What is the colour of your aura?", "Determine by photo, who is your famous ancestor?", and "What animal are you?".

Facebook says it disabled all of the defendants’ known accounts last October, but not before Sluchevsky and Gorbachov allegedly compromised roughly 63,000 browsers of Facebook users.

"Defendants’ fraudulent applications falsely represented, to anyone using the Facebook Login feature, that the user was only granting the applications access to a limited amount of public Facebook profile information," the lawsuit states. "In fact, Defendants knew that the applications were designed to scrape the app users’ public profiles on Facebook and other social networking sites, and to prompt users to install malicious extensions for the purpose of manipulating the users’ browsers and collect the users’ private and non-publicly viewable lists of friends when the app user visited the Facebook site."

Facebook is seeking a court injunction against the defendants, as well as monetary damages. (Facebook spent US$75,000 (£57,000) over the course of its investigation into the malicious extensions, The Verge reported.) The company claims Sluchevsky and Gorbachov not only breached their contracts with Facebook, but also violated the US Computer Fraud and Abuse Act and the California Comprehensive Computer Data Access and Fraud Act.

Late last year, Facebook publicly blamed malicious browser extensions for a data breach involving at least 257,256 stolen profiles, including 81,208 that included private messages. Journalists from the BBC, aided by researchers from Digital Shadows, began investigating the matter last September after seeing the accounts advertised on BlackHat SEO, an English-speaking internet forum. It is not clear if this incident and the lawsuit are related.

This article was originally published on SC Media US.
