Meta (Facebook) warns 1 million Facebook users may have password-stealing apps installed
- An American company made 0.7nm chips: EUV lithography machines can’t do it
- CVE-2007-4559 Python vulnerability ignored for 15 years puts 350,000 projects at risk of code execution
- RISC-V only takes 12 years to achieve the milestone of 10 billion cores
- 14000 cores + 450W: RTX 4080 graphics card perfectly replaces the RTX 3080
- Big upgrade: The difference between Bluetooth 5.0 and 5.2
- Geeks Disappointed that RTX 4080/4090 doesn’t come with PCIe 5.0
- What are advantages and disadvantages of different load balancing?
Meta (Facebook) warns 1 million Facebook users may have password-stealing apps installed.
Meta Inc. warned 1 million Facebook users that their account information may have been leaked by third-party apps from Apple or Google stores.
In a new report, the company’s security researchers say they’ve uncovered more than 400 scam apps designed to hijack users’ Facebook account credentials in the past year.
According to the company, the apps are disguised as “interesting or useful” services such as photo editors, camera apps, VPN services, horoscope apps and fitness tracking tools. These apps often require users to “log in to Facebook” before accessing the promised functionality.
But these login features are just one means of stealing Facebook user account information.
And Meta’s Director of Threat Compromise, David Agranovich, noted that many of the apps Meta found had little functionality.
“Many apps offer little to no functionality until you log in, and most don’t even offer any functionality after a person agrees to log in,” Agranovich said in his presentation.
Notably, Meta found malicious apps on both Google’s Play Store and Apple ‘s App Store, though the vast majority were Android apps.
Interestingly, while the malicious Android apps are mostly consumer apps, like photo filters, the 47 iOS apps are almost all of what Meta calls “commercial utility” apps. The names of the services include “Very Business Manager,” “Meta Business,” “FB Analytic,” and “Ads Business Knowledge,” and appear to be aimed specifically at people using Facebook’s business tools.
Meta shared its findings with Apple and Google, but it was ultimately up to the store to ensure the apps were removed, Agranovich said.
Meanwhile, Facebook is warning 1 million people who may have used the apps. The notifications inform users that their account information may have been compromised by an app — it didn’t specify which one — and recommend resetting their passwords.
- DIY a PBX (Phone System) on Raspberry Pi
- How to host multiple websites on Raspberry Pi 3/4?
- A Free Intercom/Paging system with Raspberry pi and old Android phones
- DIY project: How to use Raspberry Pi to build DNS server?
- Raspberry Pi project : How to use Raspberry Pi to build git server?