Picture: — © AFP
Meta warned a million Fb customers on Friday that they’ve been “uncovered” to seemingly innocuous smartphone apps designed to steal passwords from the social community.
To date this yr, Meta has recognized greater than 400 “malicious” apps designed for smartphones working Apple or Android software program and accessible within the Apple and Google app shops, Risk Interruption Director David Agranovich mentioned throughout a press launch. a briefing.
“These apps had been listed on the Google Play Retailer and Apple App Retailer and disguised as photograph editors, video games, VPN companies, enterprise apps, and different utilities to trick folks into downloading them,” Meta mentioned in a publish. weblog.
The apps typically ask folks to log in with their Fb account data with a purpose to use promised options, stealing usernames and passwords if entered, in keeping with the Meta safety staff.
“They’re merely attempting to trick folks into getting into their login data in a means that permits hackers to entry their accounts,” Agranovich mentioned of the apps.
“We are going to notify a million customers who could have been uncovered to those apps; That does not imply they have been compromised.”
Greater than 40 p.c of the apps Meta listed included methods to edit or manipulate photos, with some seemingly so simple as utilizing smartphones as flashlights.
“Our sense is that these sorts of malicious app builders try to focus on a number of companies,” Agranovich mentioned, noting that app creators are more likely to be searching for passwords for extra than simply Fb accounts.
“The steering right here appeared to be comparatively indiscriminate: having folks obtain the apps all over the world in an try to achieve entry to as many login credentials as attainable.”
Meta mentioned he shared what he discovered with Apple and Google, who management what’s provided of their respective app shops and every vet’s choices.
Apple didn’t reply to questions on whether or not it took motion towards any of the apps Meta deemed malicious.
However Google mentioned a lot of the Meta-flagged apps had already been recognized and faraway from the Play Retailer by its personal investigative methods.
“All apps recognized within the report are now not accessible on Google Play,” a spokesperson instructed AFP.
“Customers are additionally protected by Google Play Shield, which blocks these apps on Android.”