Application security, Threat Management, Malware

Company sued for allegedly hijacking Facebook accounts to serve ads

In a lawsuit filed yesterday, Facebook is accusing a Hong Kong-based company of infecting individuals with malware in order to hijack their Facebook ad accounts and run malicious advertisements at their expense.

The Menlo Park, Calif.-based social media company filed the legal documentation in a San Francisco federal court against ILikeAd Media International Company Ltd., a company that, according to the complaint, offers advertising and affiliate marketing services to businesses that are interested in reaching an audience of Facebook users. Additionally, Facebook sued two individuals: Wuhan, China-based software developer Chen Xiao Cong and Huang Tao, a marketing director at Guangzhou HongYi Technology Company Ltd., an affiliate company of ILikeAd.

Facebook, which seeks injunctive relief and financial restitution and damages, claims the defendants used various websites to promote browser software that contained a malicious plug-in or browser extension. This malware is capable of finding and taking over users' Facebook ad accounts, allegedly allowing ILikeAd to use the compromised accounts to purchase advertisements for counterfeit goods and male enhancement and diet pills. The lawsuit further alleges that Cong programmed malware to disable Facebook users' account security notifications so the compromise would go unnoticed.

Facebook also accuses the defendants of employing a technique called cloaking, which attempts to fool Facebook's automated ad-approval systems by showing a different landing page than the one to which Facebook users will actually be sent.

"Cloaking schemes are often sophisticated and well organized, making the individuals and organizations behind them difficult to identify and hold accountable," states a Facebook company blog post, written by Jessica Romero, Facebook’s director of platform enforcement and litigation, and Rob Leathern, director of product management, business integrity. "As a result, there have not been many legal actions of this kind." Facebook also accuses the defendants of using celeb bait – provocative images of famous people – to lure people into clicking their deceptive advertisements.

Facebook says the scheme began no later than 2016 and has continued through at least August 2019. "Since April 2019, Facebook has notified hundreds of thousands of users that their Facebook accounts may have been compromised, and it has required those users to verify their identity and change their Facebook account passwords," the complaint states. The company says it has reimbursed $4 million to victims of this alleged scam.

The lawsuit asserts that the defendants' actions are in violation of the California Comprehensive Computer Data Access and Fraud Act and the Federal Computer Fraud and Abuse Act.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.