Published: Thu, March 14, 2019
Electronics | By Shannon Stone

Hackers used Quizzes to Leak over 60K Facebook User data

Hackers used Quizzes to Leak over 60K Facebook User data

If a user then followed through and installed the malicious browser extension, the extension would gain access to the user's Facebook page.

Two Ukrainian hackers known as Gleb Sulchevsky and Andrey Gorbachov are facing trial for injecting advertisements into Facebook News Feed with quizzes.

"Facebook was vulnerable to very similar types of attacks, which simply means that Facebook is really good for targeting particular users with advertising, so it makes the platform so valuable", Dan Patterson, senior producer at CNET, told CBSN.

The alleged Ukrainian operation largely targeted Russian and Ukrainian speakers, Facebook said.

Facebook's inability to secure user data is being highlighted once again, this time after it was determined that several Ukrainian hackers managed to distribute online quizzes which provided them with access to user data.

"In total, the defendants compromised approximately 63,000 browsers used by Facebook users and caused over $75,000 in damages to Facebook", the company claims in its civil complaint, citing the cost of rooting out the activity.

The company has sued both the hackers, who are affiliated with a technology company called Web Sun Group, for fraud and breach of Facebook's terms of service.

As pointed out in a report by The Verge, this the second instance in two weeks where Facebook has filed such a lawsuit. Last year, the BBC questioned whether Facebook had been proactive enough in addressing the malicious plugins.

Facebook recalled that it announced that some user's accounts had been compromised on October 31st, 2018. It then alerted browser makers so the malicious extensions could be removed. Also, the hackers claimed of having scraped data from 120 million accounts on Facebook.

The complaint also says Sluchevsky and Gorbachov "caused Facebook to suffer irreparable reputational harm", which would tally with the scandal those private message sales caused - despite Facebook saying they weren't its fault.

The scheme seemingly wouldn't have worked, however, if Facebook hadn't approved the hackers as developers who could use its Facebook Login feature.

Recently, Facebook CEO Mark Zuckerberg posted a note outlining a vision of a more "privacy focused" social media giant. He promised to achieve a world that will protect people's information more.

Like this: