Skip To Content
BuzzFeed News Home Reporting To You

Utilizamos cookies, próprios e de terceiros, que o reconhecem e identificam como um usuário único, para garantir a melhor experiência de navegação, personalizar conteúdo e anúncios, e melhorar o desempenho do nosso site e serviços. Esses Cookies nos permitem coletar alguns dados pessoais sobre você, como sua ID exclusiva atribuída ao seu dispositivo, endereço de IP, tipo de dispositivo e navegador, conteúdos visualizados ou outras ações realizadas usando nossos serviços, país e idioma selecionados, entre outros. Para saber mais sobre nossa política de cookies, acesse link.

Caso não concorde com o uso cookies dessa forma, você deverá ajustar as configurações de seu navegador ou deixar de acessar o nosso site e serviços. Ao continuar com a navegação em nosso site, você aceita o uso de cookies.

Facebook Is Suing Two Developers It Says Sold Fake Likes And Scraped User Data

It’s the latest example of Facebook suing people it says have abused its platform.

Posted on June 18, 2020, at 12:51 p.m. ET

BuzzFeed News

Facebook is suing two developers and a Spanish company it alleges sold software that delivered fake likes and comments on Instagram, and unlawfully scraped user data from Facebook.

Facebook filed separate lawsuits in Spain and California today against Mohammad Zaghar, a Moroccan developer, and Marcos Gómez Platón, a Spanish developer, and his company MGP25 Cyberint Services.

“The defendants in the European lawsuit operated a Spain-based fake engagement service, and the defendant in the US lawsuit operated a data scraping service with ties to California,” wrote Jessica Romero, Facebook’s director of platform enforcement and litigation, in a blog post.

The suits are the latest examples of a legal and anti-regulation strategy from the platform that has seen it file 13 lawsuits since early 2019 against companies and individuals it alleges were involved in ad fraud, sold fake engagement, cybersquatted, and abused user data.

The suits help Facebook signal it’s “being a responsible actor, so that it undercuts the case for regulating it,” Cary Coglianese, director of the Penn Program on Regulation and a professor of law and political science at the University of Pennsylvania, previously told BuzzFeed News.

Facebook said Zaghar and Platón continued with their activities after being sent cease-and-desist letters.

Platón, who goes by MGP25 online, attracted media coverage in January when Instagram filed a Digital Millennium Copyright Act takedown request that caused GitHub to remove the code for one of his projects, “Instagram-API.” A Facebook spokesperson said that service was one of the product offerings targeted in the lawsuit.

“The defendant’s service was designed to evade Instagram’s restrictions against fake engagement by mimicking the Instagram official app in the way that it connected to our systems,” Romero wrote.

Platón’s website and LinkedIn profile identify him as a telecommunications engineer.

In an email, Platón denied selling engagement on Instagram.

“My company doesn’t sell likes, my company is a security consultant for penetration testing and reverse engineering, so I think they are getting confused,” he told BuzzFeed News.

A contract that appears to be between MGP25 Cyberint Services and a Russian company, and that was uploaded to an online documents site in March, makes reference to “Instagram API Services” and says MGP25 would be paid 1,000 Euros per month for it. Platón declined to comment on the contract.

In a separate suit, Facebook alleged Zaghar operated a service, Massroot8, that scraped user data. The Massroot8 site offers a range of tools, including the ability to extract contact information, such as emails, from Facebook accounts, and to send bulk messages via Messenger.

Facebook’s complaint alleges Zaghar previously ran sites such as that offered the same data scraping. Facebook’s complaint alleges he shut down that and another site after being sent a cease-and-desist letter in July of 2018, and shifted his activity to Massroot8 just a few months later.

BuzzFeed News used domain records and web analytics and advertising IDs to connect Zaghar to other sites such as, which offers the ability to search Instagram, as well as to a now-defunct music lyrics website. He also owns, which Domain Tools, a security threat analysis platform, lists as a malicious domain.

That domain’s registration records lists an address in Morocco that also has the same home address shown in a video from the TheMrZaghar YouTube account, which Facebook attributed to him in its filing. In one video, and in corresponding social media accounts, Zaghar appears to be a man in his early to mid-twenties.

He did not immediately respond to a request for comment.

A BuzzFeed News investigation, in partnership with the International Consortium of Investigative Journalists, based on thousands of documents the government didn't want you to see.