Facebook has identified over 400 malicious Android and iOS apps that stole user logins
Meta has identified over 400 malicious apps on Android and iOS that were used to steal the login information of Facebook users. The social media company has published a report to share its findings.
400+ malicious Android and iOS apps were used to steal Facebook logins
The article reveals that the attackers disguised their malware code in apps with misleading descriptions that promised different features. The malicious apps were released on the Google Play Store and Apple App Store under popular categories that people were likely to be interested in. This included Photo editors, music players, VPNs, utility apps like flashlights, health and lifestyle apps, business apps and even some fake games.
The report also goes on to explain how the credentials were stolen by these apps. When a user downloaded a malicious app, they were prompted to log in to their Facebook account in order to access the features mentioned in the app's listing. The app in turn sent the username and password to the attacker, who could use the credentials to gain full access to the account. The compromised profile could then be used to access their private information, or even to message their friends. In theory, this also puts other users at risk.
These malicious apps had a way to counter negative reviews that were left by users to warn others, the developers published fake reviews with positive comments to cover up the actual reviews, and trick others users into downloading the app.
Meta advises users to secure their Facebook accounts
All that glitters is not gold. Meta has warned users that not all apps that ask them to login via Facebook are malicious, many legitimate apps use it as a way to provide their services. The company is recommending users to look out for tell-tale signs like whether a photo editor app requires you to log in to Facebook just to start using the app. Can you use its features before or after signing in? It also wants users to pay attention to the app's reputation, download count, ratings, and read the user reviews (even the negative ones). To add to that, I would suggest looking up an app's name or developer's name, and see if the results match, and if there are articles regarding the app.
Here are some examples of malicious apps that were used for stealing the logins.
Meta is advising users who were affected by the attack to reset their passwords for their Facebook account. It is also educating people to enable two-factor authentication using app authenticators, to add an extra layer of security to protect their profile. Users are also advised to enable log-in alerts to be notified when someone tries to access their account.
An article by Bloomberg (paywalled) says that over 1 million user accounts may have been compromised by these apps. You can find a full list of the malicious apps that were identified by Meta at Facebook's blog. Facebook reported the malicious apps to Apple and Google, asking the tech giants to take the apps down from their app stores. The social network is also alerting users who were impacted by the issue, to notify them that their accounts are unsafe.
…lenkt natürlich ab von all den gestohlenen Daten und sich daraus ergebenden Analysen der Menschen die deren Produkte verwenden… am Ende ist es Wegelagerei in liberalen Rechtsräumen die diese Machenschaften und Multimilliarden Gewinne erst ermöglichen… mal nicht zu reden von der Kooperation mit westlichen Regierungen/Demokratien…
“Meta has warned users that not all apps that ask them to login via Facebook are malicious, many legitimate apps use it as a way to provide their services.”
It’s asked far too often mainly to spy on users, most of the time in cases where Facebook would call it “legitimate”. They taught people to give their Facebook login all the time when not needed and this is what was bound to happen next.
“Facebook reported the malicious apps to Apple and Google, asking the tech giants to take the apps down from their app stores.”
400 malicious applications, with reports of malware from users, and it took Facebook asking to (maybe ?) have them removed ? This put things in perspective when users are scared by Google away from installing applications from ultra-clean stores like F-Droid, because Google’s store would be “more secure”. And that’s only taking Google’s definition of malware, that doesn’t include most of their store’s applications (not just 400) being already spyware anyway but this time with their blessing.
It would also be interesting to know who does what with one million stolen Facebook logins. Maybe the answer would be a little too close to what Facebook does usually with data to be considered interesting to talk about by Facebook and friends ?
Many users (not all) don’t have the time to deal with security issues. They are having way too much fun.
Very interesting articke, thanks @Ashwin!
This is like Donald Trump identifying 400 hackers for stealing classified information.
TDS.. rent free. Always.
The real question is probably after reading this article is a not mentioned one by this article from Ashwin:
How secure is the security tool (start security checkup after login on to your Facebook account) that Facebook advises on its webpage, you should use to add a layer of security? https://www.facebook.com/help/799880743466869
Note how many of these are VPN apps, 36 by my count!
I mean, not justifying these scumbags, but if you’re going to install “Punk Vpn” then you have bigger issues.
If you use a free VPN (even paid ones are basically a coinflip), what do you expect? You basically give a random person ALL your data + traffic…
Amin to that.
How dare they steal your s**t, this is our job!
Fbibook, 2022