8.9 C

Facebook warns 1 million users whose logins were stolen by scam mobile apps



Meta is warning Facebook users about hundreds of apps on Apple and Google’s app stores that were specifically designed to steal login credentials to the social network app. The company says it’s identified over 400 malicious apps disguised as games, photo editors, and other utilities and that it’s notifying users who “may have unknowingly self-compromised their accounts by downloading these apps and sharing their credentials.” According to Bloomberg, a million users were potentially affected.

In its post, Meta says that the apps tricked people into downloading them with fake reviews and promises of useful functionality (both common tactics for other scam apps that are trying to take your money rather than your login info). But upon opening some of the apps, users were prompted to log in with Facebook before they could actually do anything — if they did, the developers were able to steal their credentials.

Meta’s breakdown of what apps pretended to be in order to steal people’s info.
Image: Meta

Meta says that it reported the apps to Google and Apple and got them taken down, but it’s still not a great look that they made it onto the stores in the first place. That’s especially true for Apple; for years, the company has argued against sideloading apps for the iPhone, saying that the ability to install apps not in the App Store is “a cyber criminal’s best friend.” It argues that its App Review process, which theoretically vets apps before they’re made available on the App Store, has helped it build a “trusted ecosystem for millions of apps.” Despite this, the company has struggled to reign in scam apps on its platform, with some reportedly raking in millions of dollars.

To be fair, Facebook’s report indicates that the issue is significantly worse on the Play Store — out of the 402 malicious apps on its list, 355 were for Android, and 47 were for iOS. Interestingly, the Android ones spanned a wide range of genres, from games, VPNs, photo editors, and horoscope apps, every single one for iPhone was related to managing business pages or ads. (This didn’t necessarily mean they weren’t reasonably suspicious; it’s hard to understand how “Very Business Manager” got past Apple’s App Review process.)

Neither Apple nor Google immediately responded to The Verge’s request for comment.

When it comes to apps that attempt to steal your login info, Meta’s post details some good warning signs to look out for — if the app doesn’t do what it says it does, locks all functionality behind a login, or has loads of (potentially buried) negative reviews, it’s probably best to give it a pass and find another, more reputable app.

Source link

Subscribe to our magazine

━ more like this

Cornerstone Removals: UK’s Most Reliable and Flexible House Moves

Moving home can be a stressful and challenging experience, but with Cornerstone Removals, you can rest assured that your move will be smooth and...

Millions of Americans don’t have the luxury of moving on from the pandemic. We shouldn’t leave them behind  

When the pandemic broke out nearly three years ago, older Americans were vulnerable.  They still are today.  Since 2020, people 65 and over have comprised...

Apple’s once again trying to optimize the iPhone’s Crash Detection feature

Apple has released iOS 16.3.1, which includes “optimizations” for the iPhone 14 and 14 Pro’s Crash Detection feature that’s been criticized by some...

Opinion | Iranian Nationalists Reject the Regime

It‘s no longer true that a Western military strike would lend the theocracy stronger domestic support. Source link

Alternative hip-hop pioneer Trugoy the Dove of De La Soul dies at 54

David Jude Jolicoeur, known widely as Trugoy the Dove and one of the founding members of the Long Island hip hop trio De...