Facebook sues four Vietnamese nationals for hijacking accounts
Social networking giant Facebook has filed two lawsuits today against two suspected criminal groups that abused its advertising platform for their own gains.
The first lawsuit was filed against four Vietnamese nationals for hijacking user accounts and the second against a US company for running an e-commerce bait-and-switch scam.
In the first lawsuit, Facebook said that:
- Four individuals from Vietnam used a technique known as "session theft" or "cookie theft" to gain access to the Facebook accounts of employees at multiple advertising and marketing agencies.
- The four suspects used the hacked Facebook accounts to run unauthorized ads that promoted a malicious Android app named "Ad Manager for Facebook."
- The app contained malware that showed phishing screens that collect Facebook login credentials from users who installed it.
- The app was hosted on the official Google Play Store and was installed more than 10,000 times between December 2020 and May 2021.
- The four suspects ran Facebook ads worth more than $36 million to promote this malicious app.
- Facebook said it refunded the victims whose accounts were abused and is now seeking to regain the lost funds from the four.
In the second lawsuit, Facebook said that:
- A California-based company named N&J USA Incorporated ran deceptive ads on Facebook for clothing, watches, and toys.
- When users clicked the ads, the company redirected users to a payment page but never delivered the products or delivered products of inferior quality.
- When users complained, Facebook said the company blocked or hid negative comments from their official page.
- Facebook said this is the company's first lawsuit against a bait-and-switch scheme that ran on Facebook.
The two lawsuits today are just the most recent cases the social network has filed over the course of the past three years against entities that have abused its platform for various forms of cybercrime. Previous cases include:
- March 2019 - Facebook sues two Ukrainian browser extension makers (Gleb Sluchevsky and Andrey Gorbachov) for allegedly scraping user data.
- August 2019 - Facebook sues LionMobi and JediMobi, two Android app developers, on allegations of advertising click fraud.
- October 2019 - Facebook sues Israeli surveillance vendor NSO Group for developing and selling a WhatsApp zero-day that was used in May 2019 to attack attorneys, journalists, human rights activists, political dissidents, diplomats, and government officials.
- December 2019 - Facebook sued ILikeAd and two Chinese nationals for using Facebook ads to trick users into downloading malware.
- February 2020 - Facebook sued OneAudience, an SDK maker that secretly collected data on Facebook users.
- March 2020 - Facebook sued Namecheap, one of the biggest domain name registrars on the internet, to unmask hackers who registered malicious domains through its service.
- April 2020 - Facebook sued LeadCloak for providing software to cloak deceptive ads related to COVID-19, pharmaceuticals, diet pills, and more.
- June 2020 - Facebook sued to unmask and take over 12 domains containing Facebook brands and used to scam Facebook users.
- June 2020 - Facebook sued MGP25 Cyberint Services, a company that operated an online website that sold Instagram likes and comments.
- June 2020 - Facebook sued the owner of Massroot8.com, a website that stole Facebook users' passwords.
- August 2020 - Facebook sued MobiBurn, the maker of an advertising SDK accused of scraping user data.
- August 2020 - Facebook sued the owner of Nakrutka, a website that sold Instagram likes, comments, and followers.
- October 2020 - Facebook sued the maker of two Chrome extensions for scraping user data.
- November 2020 - Facebook sued a Turkish national for operating a network of at least 20 Instagram clones.
- February 2021 - Facebook sued two Chrome extension developers that secretly scraped user data from Facebook sites.
- April 2021 - Facebook and Gucci filed a joint lawsuit against a persistent product counterfeiter that used Instagram to peddle its fakes.
Catalin Cimpanu
is a cybersecurity reporter who previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.