Meta Uncovers 400 Malicious Android, IOS Apps Designed To Steal Logins
Meta found more than 400 mobile apps designed to trick users into giving up login information, including two-factor authentication codes.
The company's malware detection team discovered a malicious Android and iOS application while investigating a cyber threat on Facebook last year. Meta said it is difficult to estimate how many users have downloaded the app or shared their login information, but the company plans to notify suspects.
"That's why we're very careful here. We're aware that one million users have been exposed to one of these programs," David Agronovich, director of risk prevention at Meta, said in a press release, adding that the program targets people indiscriminately.
Malware can look like legitimate apps like photo editors, VPNs, games, or flashlight apps. However, they require users to log in with a Facebook account or other platform.
Examples of some applications. (Author: Meta)
"Many applications provide little or no functionality prior to logging in," says Agranovich. "Many of them don't even offer any functionality once they're in." But the login prompt can steal usernames, passwords, and two-factor authentication codes. The hacker can then use the stolen login to carry out other scams.
This app has successfully passed the protection of Google Play Store and Apple App Store for registration. According to Meta's report, 42.6% of malware pretends to be a photo editor, and 11.7% pretends to be a VPN. Meanwhile, the affected iOS apps purported to offer business tools with names like "Business Manager Pages" and "Ad Optimization Target."
"Cybercriminals know how popular such programs are, so they use similar themes to trick people into stealing their accounts and data," Agranovic added.
(Author: Meta)
Meta reported the discovery to Apple and Google.
Google told PCMag that "apps identified in the report are no longer available on Google Play. Users are protected by Google Play Attack Defense, which blocks apps on Android." Most of the malware mentioned in the Meta report was discovered by the company earlier this year and removed from Google Play, the company added.
Apple has removed 45 pieces of malware from the company's App Store. He added that he does not allow fraud and malicious activities in the application store.
Recommended by our editor
The Meta report (opens in a new window) contains a full list of affected apps, most of which are Android apps.
To protect you, Meta encourages users to check software reviews before downloading. Especially negative reviews can indicate whether a program is a scam or not. It's also a good idea to avoid apps that require you to sign in with an official Facebook, Google, or Apple account to access all features.
Agronovich added: “Does this request to connect with Facebook make sense? If the flashlight app requires you to log in to Facebook before enabling the flashlight feature, this might be something you should look into.
To determine which users may be at risk, Meta said it looks at factors such as evidence that their account has been stolen or otherwise compromised.
Did you like what you read?
Subscribe to the SecurityWatch newsletter to get the best privacy and security articles delivered to your inbox.
This newsletter may contain advertisements, offers or affiliate links. By subscribing to the newsletter, you agree to our Terms of Service and Privacy Policy. You can unsubscribe at any time.
