The Chrome extensions are again under fire for violations of user privacy. Once again, it is Facebook that takes action — Facebook Inc. and Facebook Ireland have sued two people in Portugal for stealing Facebook user profile data.
The two developers have in fact created and distributed four browser extensions on the Google Chrome store which, according to Facebook, are real spyware.
Facebook reports that malicious data collection behavior has been found in four Oink and Stuff extensions for the Chrome browser: Web for Instagram plus DM, Blue Messenger, Emoji keyboard, and Green Messenger. All of them are no longer available in the Chrome Web Store and have totaled over 54,000 downloads.
In the official statement Facebook explains: “They misled users into installing the extensions with a privacy policy that claimed they did not collect any personal information. Four of their extensions — Web for Instagram plus DM, Blue Messenger, Emoji keyboard and Green Messenger were malicious and contained hidden computer code that functioned like spyware. If the user visited the Facebook website, the browser extensions were programmed to scrape their name, user ID, gender, relationship status, age group and other information related to their account.”
The four Chrome extensions discovered do not attack the Facebook infrastructure, but are limited to operating on the user side, through the browser. Those who have not installed them, therefore, risk nothing. Those who did, instead gave a lot of data to the two Portuguese developers: name, user ID, gender, sentimental status, age and many other information related to their Facebook account.
Facebook is demanding that a Portuguese court impose a permanent injunction against Oink and Stuff and force the company to delete all collected data about Facebook users that were obtained through the extensions listed above.
