Meta warned yesterday A million Facebook users downloaded or used apparently harmless mobile applications designed to steal their passwords To access the social network.
“We’ll let you know A million people may have been exposed to these apps – It doesn’t mean they’ve been hacked,” David Akranovich, director of Meta’s cybersecurity teams, said during a press conference.
Since the beginning of the year Meta, the parent company of Facebook and Instagram, has identified more than 400 “malicious” apps.Available for smartphones powered by iOS (Apple) and Android (Google).
“These applications were on Google Play Store and Apple App Store and masquerading as photo editing tools, gaming tools, VPN tools and other services,” Meta said in a statement.
Once downloaded and installed on the phone, These apps asked users for their Facebook credentials In order to use certain functions.
“They were trying to encourage people to give their confidential information to hackers to access their accounts,” Akranowicz summarized, estimating that the developers of these applications wanted to recover not only Facebook passwords, but other passwords as well.
“The targeting seemed relatively indiscriminate,” he noted. It’s all about “getting as many passwords as possible”.
Meta said it shared its findings with Apple and Google.
Apple told AFP that only 45 of the 400 apps identified by Meta were on its operating system.And the company removed them from the App Store.
Meanwhile, Google indicated that it has withdrawn most of the reported apps from its Play Store.
“None of the apps identified in the report are yet available on Google Play,” a Google spokesperson wrote to AFP.
More than 40% of the indicated applications were used to edit images. Others are simple gadgets, for example turning your cell phone into a flashlight.
Agranovich advised users to be careful when an app asks for passwords for no good reason or makes promises that are “too good to be true.”