Example blog

Meta detects 400 apps that steal users’ Facebook and Instagram login information


This is a major concern for all social media users – today Meta reported that it has detected 400 apps this year alone that offer fake features and tools designed to trick people into logging into these applications with their Facebook credentials, which then allows developers to access their data and information.

As Meta explains:

“Our security researchers discovered more than 400 malicious Android and iOS apps this year designed to steal Facebook login information and compromise user accounts. These apps have been listed on Google Play Store and Apple App Store and disguised as photo editors, games, VPN services, business apps and other utilities to trick people into downloading them.

Courtesy of Meta

Yes, these apps look pretty questionable, but you can also see how, based on the promise of some cool new feature or feature, people might be tricked into logging in with their Facebook details, in order to access them.

“When someone installs the malicious app, it may ask them to ‘log in with Facebook’ before they can use the promised features. If they enter their credentials, the malware steals their username and their password.If the login credentials are stolen, attackers could potentially gain full access to a person’s account and do things like message their friends or gain access to private information.

Meta says the majority of these scam apps are photo editors, with the rise of visual tools driving increased demand for the latest features and editing updates.

Meta-malicious apps

Courtesy of Meta

But as you can see from the table above, they appear in different categories, which means users need to be on the lookout for approving apps and providing their Facebook login credentials.

Meta says it has reported the apps to Apple and Google, hoping to have them removed from their respective stores entirely (Google has since reported that aall apps have been removed)while it also alerts users who have downloaded these apps, if any, to help improve security and/or regain access to their profiles.

Meta has also provided some security tips to help users prevent their information from being hijacked by rogue apps:

“Malicious apps often have telltale signs that differentiate them from legitimate apps. here is a A few things to consider before logging into a mobile app with your Facebook account:

  • Require social media credentials to use the app: Is the app unusable if you don’t provide your Facebook information? For example, beware of a photo-editing app that needs your Facebook ID and password before allowing you to use it.
  • The reputation of the application: Is the application reputable? Look at its download count, ratings, and reviews, including negative reviews.
  • Promised functionality: Does the app provide the advertised functionality, before or after login? »

Again, given the promised functionality and presentation of these apps, you can see how users could be tricked into their promotions and tricked into logging in with their Facebook credentials. And that’s clearly a big deal – 400 apps this year alone, and those are just the ones identified by the Meta team.

You have to be careful when using your Facebook login, or really any social login option, with the understanding that hackers are trying to steal your information, however they can.

There’s no 100% foolproof way to prevent this, which is why Meta is looking to work with Apple and Google to remove them.

But the next time you’re looking for a cool photo editing app to make your Instagram posts stand out, take a second to think before you log on.

If you think you’ve downloaded one of these apps, Meta advises users to remove the app immediately, reset their Facebook password, and enable 2-factor authentication.

Source link