Facebook filed the lawsuit on Thursday in the Northern District of California against ILikeAd Media International Company Ltd. as well as a Chinese software developer and a marketing director working for the firm, Chen Xiao Cong and Huang Tao.
All three defendants have been alleged to have deceived people into installing malware on their systems, enabling them to compromise user's Facebook accounts and then using those hacked accounts to advertise counterfeit goods and diet pills—which is clearly in violation of Facebook's Terms and Advertising Policies.
"The suit seeks to hold accountable ILikeAd Media International Company Ltd. and Chen Xiao Cong and Huang Tao for creating the malware, tricking people into installing it, compromising people's Facebook accounts and then using people's accounts to run deceptive ads," Facebook said in a blog post today when announcing the lawsuit.
According to the social media giant, the defendants made use of improper practices such as "celeb bait" and "cloaking" to bait Facebook users into downloading and installing malware that eventually compromised their Facebook accounts.
While 'cloaking' involves deliberately disguising the true destination of a link in the ad by displaying one version of the ad's landing page to Facebook and another version to Facebook users, 'celeb bait' involves misusing celebrities photos in ads to entice users to click on them.
"Cloaking schemes are often sophisticated and well organized, making the individuals and organizations behind them difficult to identify and hold accountable. As a result, there have not been many legal actions of this kind," Facebook said.
Since April, Facebook has notified hundreds of thousands of users that their accounts may have been compromised and instructing them to change their passwords, according to the complaint.
Facebook also said the social media company had issued more than $4 million in refunds to victims whose Facebook accounts were used to run unauthorized ads and also helped to secure their accounts compromised in this malicious advertisement scheme.
This is the latest lawsuit that Facebook filed in a federal court against entities and individuals abusing its properties for malicious intent.
Just over a month ago, Facebook sued surveillance vendor NSO Group for allegedly hacking 1,400 mobile devices by misusing the company's secure messaging platform, WhatsApp.
In August this year, Facebook also filed a lawsuit against two shady Android app developers, Hong Kong-based 'LionMobi' and Singapore-based 'JediMobi,' for allegedly running a "click injection fraud" scheme that programmed bots to click on Facebook ads.
In March this year, Facebook also took two Ukrainian men into the courts for allegedly using quiz apps on the platform to distribute malware that steals Facebook users' data.