Meta says it will notify about 1 million Facebook users that their account credentials may have been compromised due to security issues with apps downloaded from Apple’s software stores. and Alphabet. The company announced Friday that it has identified more than 400 malicious Android and iOS apps this year targeting internet users to steal their login credentials. Meta said it notified both Apple and Google of the issue to facilitate the removal of the apps.
The apps work by disguised as a photo editor, mobile game or fitness tracker, Facebook said.
David Agranovich, Director of Global Threats at Meta. “If an app promises something too good to be true, such as unreleased features for another social media platform or website, there is a good chance that the app has negative effects. secret body”.
For example, a typical scam happens after a user downloads one of the malicious apps. The application will ask for a Facebook login works beyond basic functionality, thus tricking users into providing their username and password. The user can then upload the edited photo to their Facebook account. But in the process, they unwittingly compromised their account by giving the app’s author access.
Meta says it will share tips with potential victims on how they can avoid “re-intrusion” by learning how to better detect problematic apps stealing credentials, for whether it’s a Facebook account or another account. The malicious activity occurred outside of the Meta system, Agranovich said, adding that not all of the 1 million people necessarily had their passwords compromised.
© 2022 Bloomberg LP