Facebook has identified over 400 malicious Android and iOS apps that stole user logins
Meta has identified over 400 malicious apps on Android and iOS that were used to steal the login information of Facebook users. The social media company has published a report to share its findings.
400+ malicious Android and iOS apps were used to steal Facebook logins
The report reveals that the attackers disguised their malware code in apps with misleading descriptions that promised various features. The malicious apps were released on the Google Play Store and Apple App Store under popular categories that people were likely to be interested in. These included photo editors, music players, VPNs, utility apps like flashlights, health and lifestyle apps, business apps and even some fake games.
The report also goes on to explain how the credentials were stolen by these apps. When a user downloaded a malicious app, they were prompted to log in to their Facebook account in order to access the features mentioned in the app's listing. The app in turn sent the username and password to the attacker, who could use the credentials to gain full access to the account. The compromised profile could then be used to access their private information, or even to message their friends. In theory, this also puts other users at risk.
These malicious apps also had a way to counter the negative reviews that users left to warn others: the developers published fake reviews with positive comments to bury the genuine ones and trick other users into downloading the app.
Meta advises users to secure their Facebook accounts
All that glitters is not gold. Meta has warned users that not all apps that ask them to log in via Facebook are malicious; many legitimate apps use it as a way to provide their services. The company recommends that users look out for tell-tale signs, such as whether a photo editor app requires you to log in to Facebook just to start using the app. Can you use its features before or after signing in? It also wants users to pay attention to the app's reputation, download count and ratings, and to read the user reviews (even the negative ones). To add to that, I would suggest looking up the app's name or the developer's name to see whether the results match, and whether there are any articles about the app.
Here are some examples of malicious apps that were used for stealing the logins.
Meta is advising users who were affected by the attack to reset the passwords for their Facebook accounts. It is also encouraging people to enable two-factor authentication using an authenticator app, to add an extra layer of security to protect their profile. Users are also advised to enable login alerts so that they are notified when someone tries to access their account.
An article by Bloomberg (paywalled) says that over 1 million user accounts may have been compromised by these apps. You can find a full list of the malicious apps that were identified by Meta on Facebook's blog. Facebook reported the malicious apps to Apple and Google, asking the tech giants to take the apps down from their app stores. The social network is also alerting users who were impacted by the issue to notify them that their accounts are unsafe.