A million Facebook users forwarded a warning from Meta on Friday that they had been “exposed” to password-stealing smartphone apps that appeared to be harmless.
David Agranovich, director of the threat disruption, revealed during a briefing that Meta has so far this year identified more than 400 “malicious” apps made for smartphones running Apple or Android software and accessible from the Apple and Google app stores.
In order to trick people into downloading them, these apps were listed on the Google Play Store and Apple’s App Store under false names such as photo editors, games, VPN services, business apps, and other utilities, according to a blog post by Meta.
According to Meta’s security team, the apps frequently request Facebook login information from users in order to access promised features, stealing usernames and passwords in the process.
The apps, according to Agranovich, “are just trying to trick people into entering in their login information in a way that allows hackers to access their accounts.”
We will let a million users know that, while they may not have been compromised, they may have come into contact with these applications.
More than 40% of the apps that Meta listed included tools for editing or manipulating images, and some of them appeared to be as basic as using flashlight apps on smartphones.
Agranovich noted that the developers of the malicious apps are probably after passwords for more than just Facebook accounts when he said, “Our sense is that these types of malicious app developers try to target multiple services.”
- When the warning from meta came?
Ans. On Friday
- Who is David Agranovich?
Ans. The director of the threat disruption.