Meta warns 1 million Facebook users: their password is compromised

Meta warns 1 million Facebook users: their password is compromised

Meta warns 1 million Facebook users

One million Facebook users who will have to change passwords after using one of the approximately 400 malicious apps for Android (especially) and iPhone identified by Meta and guilty of credential theft is probably an underestimate. From here to the next few days, the system will automatically send a notification that will warn of the danger inviting you to change the keyword as soon as possible to get safe and avoid losing access to the social portal, as described in detail in a recent security report. to the public.

There are 355 apps for Android and 47 for iPhone identified by the managers of Meta and all of them were hosted in the official Play Store and App Store of iOs: these software masqueraded as utilities, particularly as photo editor or corporate services or vpn, but also games. In reality, they were baits designed ad hoc to ask the user to log in through a Facebook user with the aim of stealing his access credentials. And so we trusted the goodness of an application downloaded not from clandestine markets or via the installer file and saved time by tapping on Login with Facebook: a proven method that has reaped and continues to claim many victims with the defense systems that often they can't keep up with threats and can only play defense and patch holes.

The distribution of the malicious app type

It is not even possible to estimate the exact number of users involved, as explained by the head of this security segment in Meta, David Agranovich, so the estimate of one million subscribers could be significantly exceeded in reality. If you receive the notification from Meta it is good to change the password as soon as possible, even that of other users if it is shared (a common lightness, but to be avoided), while in the future you should consider a long time before downloading an app not so well known , reading the reviews carefully and avoiding accessing through Facebook, but also Google or Apple as much as possible.

Meta warns 1 million Facebook users their login info may have been compromised

Facebook parent Meta is warning 1 million users that their login information may have been compromised through malicious apps.

Meta's researchers found more than 400 malicious Android and Apple iOS apps this year that were designed to steal the personal Facebook login information of its users, the company said Friday in a blog post. Meta spokesperson Gabby Curtis confirmed that Meta is warning 1 million users who may have been affected by the apps.

Subscribe to The Post Most newsletter for the most important and interesting stories from The Washington Post.

Meta said the apps they identified were listed in Apple's app store and Google Play Store as games, photo editors, health and lifestyle services and other types of apps to trick people into downloading them. Often the malicious app would ask users to 'login with Facebook' and later steal their username and password, according to the company.

Related video: How 'runaway' algorithms lead us into dark places

'This is a highly adversarial space and while our industry peers work to detect and remove malicious software, some of these apps evade detection and make it onto legitimate app stores,' wrote Meta's Threat Disruption Director David Agranovich, and Malware Discovery and Detection Engineer Ryan Victory.

Meta said it reported the apps to Apple and Google and the apps had since been taken down. Google spokesperson Edward Fernandez said in a statement that the 'apps identified in the report are no longer available on Google Play.' A representative for Apple responded but didn't comment.

Meta has faced scrutiny over its privacy practices for years. In 2019, the Federal Trade Commission approved a roughly $5 billion settlement with Facebook after reports found the political consultancy Cambridge Analytica improperly accessed personal data of millions Facebook users.

Related Content

Norway is portrayed as both hero and villain in Europe's energy crisis

How Ukrainians, targeting by drone, attacked Russian artillery in Kherson

The National Gallery thought this painting was a Vermeer. Now? Not so much