Facebook sues Ukrainians for using browser extensions to steal user data

Facebook filed a lawsuit on Friday (March.8th) against two Ukrainian developers for creating Facebook apps and browser extensions that compromised user data and injected third-party ads.

The accused, Andrey Gorbachov and Gleb Sluchevsky, are both based in Kiev, and work for a company called the Web Sun Group.

According to court documents, both of the defendants ran at least four web apps that provided quizzes on several different topics.

Third-party websites

The web apps were advertised and distributed on Facebook but they were hosted on a multitude of third-party websites such as megatest.online, supertest.name, testsuper.su, testsuper.net, fquiz.com, and funnytest.pro.

Named Supertest, FQuiz, Megatest, and Pechenka, each of the four web apps were advertised toward Russian and Ukrainian-speaking audiences and enticed users with themes such as: ‘Do you have royal blood?’, ‘You are yin. Who is your yang?’ and ‘What kind of dog are you according to your zodiac sign?’ according to the lawsuit.

Browser extensions

Facebook claims that both men ran their scheme between 2016 and 2018. Once users landed on these sites, they’d be prompted to enable push notifications in their browsers, which eventually led the same users to install various browser extensions.

These extensions contained malicious code that allowed the defendants to scrape information from the app users’ social media profiles and inject authentic looking ads into their timelines.

Other social media networking sites were also targeted by the two developers, but the company didn’t name the other sites in its civil complaint.

Facebook said in its complaint that the malicious extensions were promoted on at least three official browser stores, and the scraped data was sent to servers in the Netherlands.

“In total, the defendants compromised approximately 63,000 browsers used by Facebook users and caused over $75,000 in damages to Facebook,” the company claims in its civil complaint, citing the cost of rooting out the activity.

“Defendants used the compromised app users as a proxy to access Facebook computers without authorisation,” Facebook said.


The company is now seeking an injunction and restraining order against the two developers. If granted, the injunction could bar them from creating any more apps targeting Facebook users.

Facebook is also said to be seeking other financial relief for its investigation into the defendants and restitution of any funds that the two received through the scheme.

This is the second lawsuit being filed by Facebook this month. On the 1st of March, Facebook also filed a lawsuit against four Chinese companies and three individuals based in China for promoting the sale of fake accounts, likes, and followers on Facebook and Instagram.

Related Posts