Meta has stated that it will notify roughly 1 million Facebook users that their account credentials may be compromised because to security issues with Android and iOS applications downloaded this year. Meta said it disclosed that more than 400 malicious applications targeting internet users in order to steal their login information.
Facebook claims that apps are essentially disguising themselves as photo editors, mobile games, or health trackers.
Apple said 45 of the 400 problematic applications were on its App Store and have been removed. Google removed all of the malicious applications in question, according to a spokesperson.
According to David Agranovich, a global threat disruption at Meta, cybercriminals are aware of how popular these kinds of apps are, and they will use similar techniques to trick people and steal their information and records. If an app is promising something too good to be true, like unreleased features for another platform or social media website, chances are that it will have future motives.
A typical scam may transpire after a user downloaded one of the malicious applications. The app would require a Facebook login to work beyond the basic features, tricking the user into providing their username and password. Users may then, for example, upload an edited photo to their Facebook account. In the process, they unknowingly compromised their account by giving access to the author of the app.
Meta said it would be putting together information with potential victims on how they may avoid being re-compromised by learning how to better identify problematic apps that violate their credentials, whether for Facebook or other websites. ''The malicious activity occurred off Meta systems,'' said Agranovich, adding that not all 1 million individuals had their passwords compromised.
- Meta Users in the US Get NFT-Sharing Feature on Facebook, Instagram
Bloomberg L.P.B. in 2022