Meta warned on Friday, October 7, that one million Facebook users have downloaded or used innocent-looking mobile apps designed to steal their password to access the social network. “That doesn’t necessarily mean they were hacked”announced David Agranovich, director of cybersecurity teams at Meta, during a press conference.
Since the beginning of the year, the parent company of Facebook and Instagram has identified more than 400 applications “malicious”. “These apps were present on the Google Play Store [Android] and the Apple App Store [iOS] and masquerading as photo-editing tools, games, VPNs, and other services”detailed Meta in a press release.
Once downloaded and installed on the phone, these booby-trapped apps asked users to enter their Facebook credentials in order to use certain features. “They’re just trying to trick people into giving up their confidential information to give hackers access to their accounts.”summarized David Agranovich.
He believes that the developers of these applications were probably looking to recover other passwords, not just those of Facebook profiles. “Targeting seemed quite undifferentiated”, he noted. The goal seemed “to obtain as many identifiers as possible”.
Meta said it shared its findings with Apple and Google. Apple did not respond to a request from Agence France-Presse (AFP), but Google replied that it had already removed most of the applications reported by Meta from its Play Store. “None of the apps identified in the report are yet available on Google Play”wrote a Google spokesperson to AFP.
More than 40% of reported apps were used to edit images. Others consisted of simple tools, to transform his telephone into a flashlight for example. Meta said she would share tips with potential victims on how they can avoid being “compromised again” learning how to better spot problematic apps that steal credentials, whether for Facebook or other accounts. David Agranovich, however, advised users to be wary of a service that asks for credentials for no good reason or makes promises “too good to be true”.
#Meta #announces #million #users #downloaded #apps #designed #steal #Facebook #passwords