Facebook sue two men using quiz apps to harvest data of users

ByCraig Haley

Facebook is suing two men from the Ukraine for misusing their app platform and directing users to rogue browser extensions.

Trivial looking apps that promise to offer you the chance to see what your eye color says about you, or what character from the Twilight saga you’re most like, are pretty much par for the course on Facebook.

They’re the social media version of horoscopes. Seemingly harmless, and few take them particularly seriously.

But many of these Facebook quizzes can have a darker side, as the 2018 Cambridge Analytica incident demonstrated. And now in another case of “harmless” quizzes gone awry, it’s Facebook this time taking a third party to task for using their app platform to direct Facebook users to malicious browser extensions.


Sponsored Content. Continued below...




Facebook has said it is suing two men from the Ukraine – Gleb Sluchesky and Andrey Gorbachov – for developing Facebook apps that masqueraded as silly tests and quizzes to direct users to websites that implored visitors to install malicious browser extensions.

Browser extensions are pieces of software that add-on to the user’s Internet browser that allows the browser to do certain things it normally couldn’t. In many cases, browser extensions can act in a very similar way to traditional malware.

These malicious browser extensions were found to be scraping the personal information of any Facebook user who installed the app and the browser extension, including their name, profile picture and friends list, as well as injecting adverts onto the user’s newsfeed that actually belonged to Sluchesky and Gorbachov, not Facebook.


Sponsored Content. Continued below...




The scheme operated between 2016 and 2018, and according to Facebook, had infected around 63,000 browsers. The quizzes were spreading under names including Supertest and FQuiz.

It’s likely it took so long for Facebook to remove the offending Facebook apps because it was not the apps themselves that were doing anything malicious. Rather, they were directing users to rogue browser extensions, and it was these extensions that were scraping data and injecting adverts, outside of Facebook’s app platform.

The difference between this case and the Cambridge Analytica incident, other than it’s Facebook taking on the plaintiff role, is that Facebook assert that it was their user’s themselves that compromised their own devices by giving permission for browser extensions to install onto their device. In the Cambridge Analytica incident, it was the Facebook apps that were scraping user’s information.

Remember that browser extensions can be malicious, so you should never agree to let them install unless you trust the developer of the extension; obviously the same rule applies to software and apps as well. And please, think twice before engaging with these silly Facebook quizzes and tests, like we’ve warned before. Of course not all of them exist with malicious intent, but in this particular corner of cyberspace, it can be very difficult to differentiate between legitimate developers and those who may want to cause you harm.

Keep up-to-date with all our latest articles. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)