Meta, the company that owns Facebook, has made the announcement that it would be contacting one million customers who may have inadvertently installed one or a few of the more than 400 rogue applications aimed to steal their account information. According to the business, the applications may be found in both the Google Play Store and the Apple App Store. Meta has said that it has shared information on these apps with other companies in the sector, security experts, and policymakers in order to strengthen defences against the danger.
According to Meta, its team of security experts discovered over 400 malicious Android and iOS applications aimed to steal Facebook login information and breach user accounts. These apps were designed to target both Android and iOS users. According to the organisation, these applications are disguised as picture editors, games, virtual private network (VPN) services, business apps, and other utilities in order to deceive users into installing them.
In addition, the business notifies customers who may have “unknowingly self-compromised their accounts by installing these applications and providing their credentials,” and assists such customers in securing their respective accounts.
In addition to showing humorous graphics on app stores, the authors of these applications may have made up reviews and ratings and uploaded them. This allowed them to hide “bad evaluations by those who have detected the defunct or harmful nature of the programmes” and fool others into installing the virus. Additionally, this allowed them to cover up the fact that the reviews themselves were false.
After a user downloads and instals the malicious software on their smartphone, it prompts them to “Login With Facebook” in order to have access to the functions that were advertised. The virus gets the user’s login and password when they input them after they have already been stolen. This provides the cybercriminal with unrestricted access to the victim’s account.
There are a lot of applications out there that are real, and some of them need users to sign in using Facebook. On the other hand, it becomes more difficult for average people to differentiate between genuine and malicious applications. It is important to point out that malware applications often feature telltale signals that users may utilise to distinguish them from legal programmes.
Do not install an application if it requires you to sign in with your Facebook or other credentials many times before enabling you to access the application. Before installing such programmes, you have the option to verify their total number of downloads in addition to their ratings and reviews. During your time using the app, keep an eye out for any misspellings or strange behaviour.
Delete the malicious software from your smartphone in the event that you downloaded it and then used it to log in to one of your social media accounts or another online service using your credentials. Make sure to change the password and turn on two-factor authentication, ideally by downloading an app called Authenticator. You should enable log-in alerts so that you are warned immediately if someone attempts to access your account.