Facebook security researchers have identified more than 400 rogue applications designed to hijack users’ Facebook account credentials.
These apps were listed on Google Play Store and Apple App Store and are disguised as photo editors, games, VPN services, commercial apps to trick users into downloading them. Android was particularly affected with 350 apps detected, on the iOS side, 50 apps were reported. All apps are listed by Facebook.
These unauthorized apps require users to log in to Facebook before they can access features. This login request is a way to steal account information.
“Many apps offer little or no functionality until you sign in, and most don’t offer functionality even after the person agrees to sign in,” an executive at Facebook’s parent company Meta said during a briefing with reporters, reported by gadget.
Facebook alerts users
For Meta (Facebook), it’s up to Google and Apple to do what’s necessary. For its part, Facebook sends alerts to a million people who may have used these applications. The notifications inform users that their account data may have been compromised by an app, without specifying which one, and recommend that they reset their password.
If one of the applications is telecharged, it is convenient to change your mot de passe et d’en creer un fort et d’activar los alertes de connexion pour être averti si quelqu’un essaie d’accéder à your account
Facebook gives some tips for detecting malicious apps: “Is the app unusable if you don’t provide your Facebook information? Is the app trustworthy? Examine your number of downloads, ratings, and reviews, including negative ones. Does the app provide the advertised functionality, before or after login?
Source: BFM TV
