[German]Facebook parent company Meta said that it's security researcher has already identified more than 400 malicious mobile apps this year that are out to steal their users' Facebook credentials. The problem could affect 1 million Facebook users who have installed the apps in question on Android or iOS.
The problem is that, on the one hand, many users on mobile devices install numerous apps on Android and iOS, but on the other hand, they also visit many online accounts with these devices. This is where trustworthy apps come into play, because otherwise the access data to the online accounts could be harvested by malicious apps. Especially users of social networks like Facebook are in the focus of fraudsters. The security people at Meta and Facebook therefore look at mobile apps to see if they are trustworthy.
Already this year, more than 400 malicious Android and iOS apps have been identified that are out to steal users' Facebook credentials. I came across this via the following tweet, which Meta describes in the post Protecting People From Malicious Account Compromise Apps.
These apps were listed on Google Play Store and Apple's App Store and disguised as photo editors, games, VPN services, business apps and other utilities to trick users into downloading them. Here are some examples:
- Photo editing programs, including those that claim you can turn into a caricature.
- VPNs that pretend to increase browsing speed or grant access to blocked content or websites.
- Cell phone utilities such as flashlight apps that pretend to make a mobile device's flashlight brighter.
- Mobile games that falsely promise high-quality 3D graphics.
- Health and lifestyle apps such as horoscopes and fitness trackers.
- Business or ad management apps that purport to offer hidden or unauthorized features not found in official apps from technology platforms.
The diagram above shows the distribution of malicious apps across various categories. The developers of such malicious apps probably prefer photo editor apps to distribute their malware among people. These apps are then posted on Apple and Google stores. To cover up negative reviews from people who have realized the buggy or malicious nature of the apps, the developers may publish fake reviews to trick others into downloading the malware, Meta warns. Fake reviews of the app are intended to cover up negative ratings. The crooks hope the reviews will entice people to download the apps.
If a person installs the malicious app, the user may be prompted to log into Facebook. Only then can the promised features be used. If the user enters the login credentials, the malware steals the username and password. From that moment on, the attackers may gain full access to a person's account. For example, they can read or send messages to friends, as well as gain access to private information.
Meanwhile, 1 million Facebook users are said to have had their Facebook accounts compromised by such apps. Meta has notified both Apple and Google about the apps it found. Meanwhile, both parties have removed the apps from their respective stores. A complete list of the affected apps as well as further details can be read at Meta.
Cookies helps to fund this blog: Cookie settings