Meta Published A List of 400+ Malicious Apps that Steal Log-in Information
The List Includes Photo Editors, Games, VPN Services, Business Apps, and Other Utilities.
Last updated on October 11, 2022
In a recent press release, Meta shares with the public a list of over 400 malicious Android and iOS apps specifically designed to steal Facebook login information. The company has also disclosed its findings to Apple and Google to help affected users protect their accounts.
These apps were listed on the Google Play Store and Apple’s App Store and disguised as photo editors, games, VPN services, business apps, and other utilities to trick people into downloading them.
As CyberNews explained, many malware apps have the capability to avoid detection and are designed to look entertaining or helpful. Usually, the developers of these sites create false good ratings to hide the bad ones and deceive users into downloading malware.
When a user installs the malicious app, they are requested to ‘log-in with Facebook’ before they can access the claimed benefits. The attacker intends to acquire complete control of the victim’s account in this manner.
There are many legitimate apps that offer the features listed above or that may ask you to sign in with Facebook in a safe and secure way. Cybercriminals know how popular these types of apps are and use these themes to trick people and steal their accounts and information.
You can spot a malicious app by paying attention to some telltale signs. If the software requests your Facebook credentials, it can be a scam. Always pay attention to the number of downloads, ratings, and reviews for the app, particularly the negative ones.
If you suspect you may have been affected, Meta advises to change your passwords right away, enable two-factor authentication, and enable log-in alerts.
Madalina, a seasoned digital content creator at Heimdal®, blends her passion for cybersecurity with an 8-year background in PR & CSR consultancy. Skilled in making complex cyber topics accessible, she bridges the gap between cyber experts and the wider audience with finesse.