Meta warned yesterday that 1 million Facebook users have downloaded or used a seemingly harmless mobile application designed to steal their password To access the social network.
“We will inform Millions of people may have been exposed to these apps This does not necessarily mean that they have been hacked, David Agranovic, director of Meta’s cybersecurity teams, said during a press conference.
Since the beginning of the year Meta, the parent company of Facebook and Instagram, has identified more than 400 “harmful” apps.Available for iOS (Apple) and Android (Google) smartphones.
These apps were on the Google Play Store and the Apple App Store They pretend to be photo editing tools, gaming tools, VPN tools, and other services.”
Once downloaded and installed on the phone, These apps asked users for their Facebook credentials In order to use some functions.
“They tried to encourage people to give out their confidential information to allow hackers to access their accounts,” Agranovich summarizes, estimating that the developers of these apps may have been looking to recover other passwords, not just Facebook passwords.
He noted that “the targeting seemed relatively random.” It was about “getting as many” passwords as possible.
Meta says it has shared its findings with Apple and Google.
Apple told AFP that only 45 of the 400 apps identified by Meta are available on its operating system.The company removed them from the App Store.
Meanwhile, Google indicated that it has pulled most of the reported apps from its Play Store.
“None of the apps identified in the report are available on Google Play,” a Google spokesperson wrote to AFP.
More than 40% of the indicated applications were used for photo editing. Others were simple tools, for example, to turn your cell phone into a flashlight.
Agranovich advised users to be careful when an app asks for passwords for no good reason or makes promises that are “too good to be true”.
“Proud web fanatic. Subtly charming twitter geek. Reader. Internet trailblazer. Music buff.”