Why Did Facebook File This Lawsuit?
Facebook led by Mark Zuckerberg accuses the company “Oink and Stuff”, based out of Portugal, of scraping user data off the Facebook website. This says Facebook violates its terms of service and Portugal’s Database Protection Law.
Four malicious extensions were made available on Alphabet Inc’s Chrome store, says Facebook in the lawsuit. “When people installed these extensions on their browsers, they were installing concealed code designed to scrape their information from the Facebook website, but also information from the users’ browsers unrelated to Facebook — all without their knowledge,” claims Facebook in the filing.
According to Facebook, when people visited its website the extensions scraped information such as name, user ID, gender, relationship status, age group, and other account details.
The social media company is seeking a permanent injunction against the defendants and demanding they delete all Facebook data in their possession.
What Else Is Facebook Saying
It’s not just Facebook being scraped by the bad extensions. According to Jessica Romero, Facebook’s Director of Platform Enforcement and Litigation, “When people installed these extensions on their browsers, they were installing concealed code designed to scrape their information from the Facebook website, but also information from the users’ browsers unrelated to Facebook — all without their knowledge,”
The malicious extensions were developed by a software company named “Oink and Stuff,” which specializes in creating Android apps and browser extensions for Chrome, Firefox, Opera, and Microsoft Edge. Facebook said it found data collection-related malicious behavior inside four extensions named Web for Instagram plus DM, Blue Messenger, Emoji keyboard, and Green Messenger, which Facebook said “functioned like spyware.”
As of this writing, all four extensions are still available on the official Chrome Web Store at the time of writing, and have more than 54,000 installs, combined
A Long Line Of Facebook Lawsuits
This lawsuit is just the latest of Facebook’s fight against rogue app and extension developers. Ever since 2019, Facebook’s legal department has been filing lawsuits against a number third-parties that have been abusing its platform, including:
March 2019 – Facebook sues two Ukrainian browser extension makers (Gleb Sluchevsky and Andrey Gorbachov) for allegedly scraping user data.
August 2019 – Facebook sues LionMobi and JediMobi, two Android app developers on allegations of advertising click fraud.
October 2019 – Facebook sues Israeli surveillance vendor NSO Group for developing and selling a WhatsApp zero-day that was used in May 2019 to attack attorneys, journalists, human rights activists, political dissidents, diplomats, and government officials.
December 2019 – Facebook sued ILikeAd and two Chinese nationals for using Facebook ads to trick users into downloading malware.
February 2020 – Facebook sued OneAudience, an SDK maker that secretly collected data on Facebook users.
March 2020 – Facebook sued Namecheap, one of the biggest domain name registrars on the internet, to unmask hackers who registered malicious domains through its service.
April 2020 – Facebook sued LeadCloak for providing software to cloak deceptive ads related to COVID-19, pharmaceuticals, diet pills, and more.
June 2020 – Facebook sued to unmask and take over 12 domains containing Facebook brands and used to scam Facebook users.
June 2020 – Facebook sued MGP25 Cyberint Services, a company that operated an online website that sold Instagram likes and comments.
June 2020 – Facebook sued the owner of Massroot8.com, a website that stole Facebook users’ passwords.
August 2020 – Facebook sued MobiBurn, the maker of an advertising SDK accused of scraping user data.
August 2020 – Facebook sued the owner of Nakrutka, a website that sold Instagram likes, comments, and followers.
October 2020 – Facebook sued the maker of two Chrome extensions for scraping user data.