December 8, 2022

COSFONE

Networking, PBX, IT, DIY Solution

Meta (Facebook) warns 1 million Facebook users may have password-stealing apps installed

2 min read

Meta (Facebook) warns 1 million Facebook users may have password-stealing apps installed



 

Meta (Facebook) warns 1 million Facebook users may have password-stealing apps installed.

Meta Inc. warned 1 million Facebook users that their account information may have been leaked by third-party apps from Apple or Google stores.

In a new report, the company’s security researchers say they’ve uncovered more than 400 scam apps designed to hijack users’ Facebook account credentials in the past year.

 

Meta (Facebook) warns 1 million Facebook users may have password-stealing apps installed

 

According to the company, the apps are disguised as “interesting or useful” services such as photo editors, camera apps, VPN services, horoscope apps and fitness tracking tools. These apps often require users to “log in to Facebook” before accessing the promised functionality.

But these login features are just one means of stealing Facebook user account information.

And Meta’s Director of Threat Compromise, David Agranovich, noted that many of the apps Meta found had little functionality.

 

“Many apps offer little to no functionality until you log in, and most don’t even offer any functionality after a person agrees to log in,” Agranovich said in his presentation.

 

Notably, Meta found malicious apps on both Google’s Play Store and Apple ‘s App Store, though the vast majority were Android apps.

Interestingly, while the malicious Android apps are mostly consumer apps, like photo filters, the 47 iOS apps are almost all of what Meta calls “commercial utility” apps. The names of the services include “Very Business Manager,” “Meta Business,” “FB Analytic,” and “Ads Business Knowledge,” and appear to be aimed specifically at people using Facebook’s business tools.

 

Meta shared its findings with Apple and Google, but it was ultimately up to the store to ensure the apps were removed, Agranovich said.

Meanwhile, Facebook is warning 1 million people who may have used the apps. The notifications inform users that their account information may have been compromised by an app — it didn’t specify which one — and recommend resetting their passwords.

 



Copyright © All rights reserved. | Newsphere by AF themes.