Facebook exposes login credentials of over 1 million users stolen by malicious app

parent company meta Facebook warned users about hundreds of apps in the Apple and Google app stores specifically designed to steal login credentials to social network apps.

The Verge says it has identified more than 400 malicious apps masquerading as games, photo editing and other utilities.

Facebook is notifying users who “may have unknowingly compromised their accounts by downloading these apps and sharing their credentials.”

According to Bloomberg, one million users may have been affected.

In a post, Meta said the app tricked people into downloading it with bogus reviews and promises of useful features. Both are common tactics of other fraudulent apps trying to extort money instead of login credentials.

However, when opening some apps, users were asked to log in with Facebook before they could actually do anything, and if they did, developers could steal their credentials, reports The Verge. doing.

Meta says they’ve reported the app to Google and Apple for removal, but it still doesn’t look good that they put it on the store in the first place.

Facebook reports that the problem is significantly worse on the Play Store, where of the 402 malicious apps on the list, 355 are for Android and 47 are for iOS.

Interestingly, according to The Verge, the Android apps spanned a wide range of genres, including games, VPNs, photo editors, and horoscope apps, while the iPhone apps were all related to managing business pages and advertising.

HT

Source: Ani