The company Facebook has sued the Ukrainian Alexander Solonchenko for collecting data from 178 million Facebook users using scraping, and then putting this information up for sale on a hacker forum.
According to court documents, Solonchenko abused Facebook Messenger’s Contact Importer feature. Previously, this feature allowed users to sync their phone address books and see which contacts have a Facebook account (so users could connect with their friends through Facebook Messenger).
According to Facebook, from January 2018 to September 2019, Solonchenko used an automated tool to simulate Android devices and bombarded Facebook’s servers with millions of random phone numbers. Since the company’s servers in response reported for which phone numbers the account exists on the site, Solonchenko collected a huge array of data, which he put up for sale on the well-known hack forum RaidForums on December 1, 2020.
On the forum, Solonchenko used the pseudonym Solomame (later barak_obama), and sold the data of hundreds of millions of users of various companies.
Experts of the social network managed to connect Solonchenko with the user Solomame after he used the same nickname and left the same contacts for communication on several job search portals.
The social network is now asking a judge to sign an injunction prohibiting Solonchenko from accessing Facebook sites and other products and from further selling the scraped data. The social network is also seeking redress, although it is not yet clear what amounts are involved.
It is worth noting that in the spring of this year, another person put up for sale the data of 533 million Facebook users, also collected in a similar way. Back then, Facebook representatives said they had disabled the Contact Importer feature back in September 2019 when they discovered it was being abused by hackers.
