The social media group Meta has around 400 Android and iOS apps identified, which abused the Facebook login interface and tapped user data. Apple and Google have been informed of the problem and the affected users have been notified. The apps are games, photo editing applications, VPN services, and business programs.
In total, around a million users could have interacted with the apps. After the download, the smartphone owner is prompted to use the Facebook login function to register and use the promised features. The malicious programs stole the usernames and passwords and forwarded them to a server controlled by scammers.
The scammers are said to not specifically target users’ Facebook accounts, but also services. To make an app appear more serious, the App Store and Play Store were flooded with fake reviews. Meta recommends that the account holders who are contacted change their password.
The attackers can use the stolen user data to log into the affected Facebook accounts and access private information. Meta emphasized that the findings were shared with Google and Apple, the providers of the two mobile operating systems, Android and iOS.
According to Google, while Apple has deleted some apps from the App Store, the majority of the apps now identified have already been recognized as fraudulent by their own system. The respective programs are no longer available in the Google Play Store. Still, users should remain cautious and double-check an app before using it.
Research Snipers is currently covering all technology news including Google, Apple, Android, Xiaomi, Huawei, Samsung News, and More. Research Snipers has decade of experience in breaking technology news, covering latest trends in tech news, and recent developments.
