Facebook sues two Chrome extension makers for scraping user data

facebook

Symbol by way of Alex Haney

Fb has filed a lawsuit nowadays in opposition to two firms for growing and distributing malicious browser extensions that scraped person knowledge with out authorization from the Fb and Instagram web pages.

Named within the lawsuit are BrandTotal Ltd., an Israeli-based corporate with a Delaware subsidiary, and Unimania Inc., integrated in Delaware.

The 2 firms are in the back of UpVoice and Commercials Feed, two Chrome extensions to be had at the legitimate Chrome Internet Retailer since September and November 2019, the place they racked up greater than five,000 and 10,000 installs, respectively.

“BrandTotal enticed customers to put in the UpVoice extension from the Google Chrome Retailer via providing bills in change for installs, within the type of on-line present playing cards, and claiming that the customers who put in the extension become ‘panelists . . . [who] affect the selling choices and logo methods of multi-billion greenbacks (sic) companies’,” Fb mentioned in court docket paperwork filed nowadays.

upvoice-website.pngupvoice-website.png

UpVoice web site

“In a similar way, Unimania promoted its Commercials Feed extension at the Google Chrome Retailer via claiming that the customers become ‘a panel member of an elite group team that affects the promoting choices of multi-billion greenback companies!’,” Fb added.

However Fb claims that regardless of their descriptions, each extensions had been malicious and designed to scrape public and private knowledge from customers’ on-line accounts.

Consistent with court docket paperwork, Fb claims the UpVoice extension scraped knowledge from person profiles at Fb, Instagram, Amazon, Twitter, LinkedIn, Pinterest, and YouTube.

In a similar way, Commercials Feed gathered knowledge from customers getting access to their Fb, Instagram, Amazon, Twitter, and YouTube profiles, respectively.

Scraped knowledge normally integrated person profile data (identify, person ID, gender, date of delivery, dating standing, and site data), ads and promoting metrics (identify of the advertiser, symbol and textual content of the commercial, and person interplay and response metrics), and person Advert Personal tastes (person commercial pastime data) — none of which the corporate used to be approved to own.

The Menlo Park-based social media massive claims that knowledge illegally received throughout the two extensions has been re-packaged and offered as “advertising intelligence” by way of BrandTotal’s web site.

Fb claims the 2 firms are the similar

Fb says each extensions used nearly an identical code to scrape knowledge from customers and despatched the information again to the similar far flung servers. In truth, Fb believes the 2 firms are the similar.

“Defendants shared commonplace staff and brokers,” Fb defined in its criticism.

“For instance, BrandTotal’s Leader Product Officer and Common Supervisor (Ex. five), created Fb accounts within the identify of Unimania and the Commercials Feed extension. BrandTotal’s Leader Era Officer and co-founder (Ex. five) additionally administered Unimania accounts on Fb.”

Fb is now in the hunt for to position a forestall to this schem. The social community has requested a pass judgement on to factor an enduring injunction in opposition to each firms to stop them from getting access to the Fb and Instagram web pages, block them from growing additional extensions, and has requested for compensatory damages in line with the 2 firms’ earlier earnings.

Each extensions are nonetheless to be had for obtain

But, despite the intensive knowledge scraping habits detected via Fb, even in opposition to Google-owned products and services, the 2 extensions are nonetheless to be had at the Chrome Internet Retailer.

Fb mentioned it attempted a large number of occasions to have them taken down, however Google has no longer spoke back to its requests.

Unimania, prior to growing the Commercials Feed extension, used to be prior to now interested in some other scandal in 2018 when AdGuard discovered 4 of the corporate’s Chrome extensions scraping Fb person knowledge.


Since early 2019, Fb’s felony division has been submitting court cases in opposition to a number of third-parties which have been abusing its platform. Earlier court cases come with: 

March 2019 – Fb sues two Ukrainian browser extension makers (Gleb Sluchevsky and Andrey Gorbachov) for allegedly scraping person knowledge.
August 2019 – Fb sues LionMobi and JediMobi, two Android app builders on allegations of promoting click on fraud.
October 2019 – Fb sues Israeli surveillance dealer NSO Workforce for growing and promoting a WhatsApp zero-day that used to be utilized in Would possibly 2019 to assault lawyers, reporters, human rights activists, political dissidents, diplomats, and govt officers.
December 2019 – Fb sued ILikeAd and two Chinese language nationals for the usage of Fb commercials to trick customers into downloading malware. 
February 2020 – Fb sued OneAudience, an SDK maker that secretly gathered knowledge on Fb customers.
March 2020 – Fb sued Namecheap, one of the vital largest area identify registrars on the net, to unmask hackers who registered malicious domain names via its provider.
April 2020 – Fb sued LeadCloak for offering tool to cloak misleading commercials associated with COVID-19, prescription drugs, weight loss supplements, and extra.
June 2020 –  Fb sued to unmask and take over 12 domain names containing Fb manufacturers and used to rip-off Fb customers.
June 2020 – Fb sued MGP25 Cyberint Services and products, an organization that operated an internet web site that offered Instagram likes and feedback.
June 2020 – Fb sued the landlord of Massroot8.com, a web site that stole Fb customers’ passwords.
August 2020 – Fb sued MobiBurn, the maker of an promoting SDK accused of scraping person knowledge.
August 2020 – Fb sues the landlord of Nakrutka, a web site that offered Instagram likes, feedback, and fans.

Leave a Reply

Your email address will not be published. Required fields are marked *