Meta Platforms has identified more than 400 malicious apps downloaded from Google’s Android and Apple’s iOS operating systems this year that aim to steal users’ Facebook log-in details.
As per the official statement, “Because these apps were accessible in third-party app stores, we’re encouraging people to be cautious when downloading a new app that asks for social media credentials and providing practical steps to help people stay safe.”
The company has also shared the full list of these apps to warn users. Many of the identified apps claim to offer photo editing tools, VPN services, and other utilities. Some of them are also games that require users to share their personal information. Meta says most of the identified malicious apps offer a fake ‘Login With Facebook’ prompt to extract user IDs and passwords.
Meta warns against 400 malicious apps
These apps are so dangerous that attackers will potentially gain full access to a user’s account. They will access private messages from family, friends, and colleagues if the login information steals
Meta explains that the developers of such malicious apps hide the bad reviews from people who spot the dysfunction, and post fake reviews so that viewers can be fooled. Once a user downloads it from Play Store or App Store, it asks to “Login with Facebook”. This is where the malware steals their username and password.
In case your Facebook ID compromises, Meta recommends that users should reset their passwords. Also, enable two-factor authentication, preferably using an Authenticator app such as Google Authenticator or Microsoft Authenticator. Meanwhile, here’s the full list of apps, and users are advised to download them immediately if they have them on their smartphones.
Meta advises that Users should always check the “download count, ratings, and reviews, including negative ones” before downloading any app from app stores. Lastly, the users should also observe if the app provides the functionality it said it will provide after logging in.
Thanks for reading!!