Facebook (now known as Meta) has reportedly been rewriting websites that its users visit, allowing the company to track them across the web after they click links in its app by “injecting” tracking code. The security researcher that sounded the alarm say that the tracking code allows Mark Zuckerberg to “monitor all user interactions, like every button and link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses and credit card numbers.”
The Guardian reports that a security researcher alleges that Facebook has been rewriting websites that its users visit and allowing the company to track them across the web after clicking links in its apps.
Facebook and Instagram have been taking advantage of the fact that users who click links are taken to webpages in an “in-app browser” which is controlled by the apps rather than redirecting them to their device’s native browser.