Security News > 2021 > January > Facebook: Malicious Chrome Extension Developers Scraped Profile Data

Facebook: Malicious Chrome Extension Developers Scraped Profile Data
2021-01-14 22:30

Facebook has filed legal action against two Chrome extension developers that the company said was scraping user profile data - including names and profile IDs - as well as other browser-related information.

The two unnamed developers under the business name Oink and Stuff, developed Chrome malicious browser extensions, which actually contained hidden code "That functioned like spyware," alleges Facebook.

Facebook Inc. and Facebook Ireland filed the legal action, in Portugal, saying the two developers violated the social media giant's Terms of Service and Portugal's Database Protection Law, according to Facebook.

Data scraping is a challenge that Facebook continues to grapple with, starting in the wake of the Cambridge Analytica scandal, in which Facebook allowed a third-party application to scrape and then hand over the data of up to 50 million platform users to the company.

In 2018, Facebook CEO Mark Zuckerberg said millions of users of the social network may have had their data scraped by malicious actors using a reverse search tool.

In March 2019, Facebook sued two Ukrainian men that it said used quiz apps and malicious browser extensions to scoop up private data from 63,000 platform users, and then used that data for advertising purposes.


News URL

https://threatpost.com/facebook-malicious-chrome-extension-developers-scraped-profile-data/163079/