One million Facebook users have downloaded or used seemingly innocent mobile apps designed to steal their account passwords on the social network, Meta warned on Friday, October 7, 2022.
“We will notify a million people that they may have been exposed to these programs, but that doesn’t necessarily mean their accounts have been hacked,” David Agranovich, director of Meta’s cybersecurity teams, said in a press conference. France Press
Since the beginning of the year, the parent company of “Facebook” and “Instagram” networks has identified more than 400 “harmful” programs available on smartphones with iOS from Apple and Android from Google.
Meta explained in a statement: “These apps were available as photo editing tools, games, virtual private networks (VPNs) and other services in the Google and Apple App Stores.
Once downloaded and installed on a phone, these “trapped” apps ask users to enter the metadata of their Facebook accounts in order to use certain features.
Noting that these apps try to get users to divulge confidential information so that hackers can gain access to their accounts, Agranovic suggested that the creators of these apps are aiming to steal other passwords, not just those related to profiles. “Facebook”.
Meta also noted that it had shared its findings with Apple and Google, while Google said it had removed most of the apps Meta reported from its store.
In this regard, a Google spokesperson told AFP: “None of the apps identified in this report are currently available on the Google Play Store.”
As for Apple, it confirmed to the French agency that only 45 of the 400 apps have iOS and have been removed from the App Store.
More than 40 percent of the apps revealed by Meta are related to photo editing, while the rest are limited to simple tasks like turning your phone into a flashlight.
Agranovic advises users to be wary of apps that ask for metadata without good reason or make “unbelievable” promises.
Source: Lebanon Debate