Meta alert on booby-trapped apps that steal passwords – Economy

Meta warned on Friday that one million Facebook users have downloaded or used innocent-looking mobile apps designed to steal their social network password. “We’re going to let a million people know that they may have been exposed to these apps, that doesn’t necessarily mean they were hacked,” David Agranovich, a director of Meta’s cybersecurity teams, said at a press conference. a press conference.

Since the beginning of the year, the parent company of Facebook and Instagram has identified more than 400 “malicious” applications, available on smartphones operated by iOS (Apple) and Android (Google). “These apps were present on the Google Play Store and Apple’s App Store and posed as photo editing tools, games, VPNs and other services,” Meta said in a statement.

Over 40% of reported apps were used to edit images

Once downloaded and installed on the phone, these booby-trapped apps asked users to enter their Facebook credentials in order to use certain features. “They are just trying to trick people into giving up their confidential information to allow hackers to access their accounts,” David Agranovich said.

He believes that the developers of these applications were probably looking to recover other passwords, not just those of Facebook profiles. “Targeting seemed pretty undifferentiated,” he noted. The goal seemed to be “to get as many IDs as possible.”

Meta said it shared its findings with Apple and Google. Google said it has already removed most apps flagged by Meta from its Play Store. “None of the apps identified in the report are yet available on Google Play,” a Google spokesperson wrote to AFP. Apple, for its part, told AFP that only 45 of the 400 applications were on iOS and that they have already been removed from the App Store.

More than 40% of apps reported by Meta were used to edit images. Others consisted of simple tools, to transform his telephone into a flashlight for example. David Agranovich advised users to be wary when a service asks for credentials for no good reason or makes “too good to be true” promises.

letelegramme Fr Trans

Not all news on the site expresses the point of view of the site, but we transmit this news automatically and translate it through programmatic technology on the site and not from a human editor.
Back to top button