Meta has published a list of malicious applications. Nearly a million users have downloaded one, or more, of these and had their Facebook password stolen.
It was during a press conference that Meta announced the news. Facebook’s parent company has compiled a list of 400 apps guilty of stealing credentials. Once downloaded, these apps require the user to log in through their Facebook credentials. If the request seems innocent at first glance, it is nevertheless this method which allowed the theft of the data.
According to David Agranovich, director of the Meta cybersecurity teams, more than 40% of the applications listed are photo editors. However, the list also includes games or even health monitoring applications. “ Cybercriminals know these apps are popular. They take advantage of this to deceive people, steal their accounts and their information,” the Meta manager said during the conference.
Apple and Google affected
Officials at Facebook’s parent company say they notified Apple and Google of the issue. Indeed, malicious applications could be found both on the AppStore and on the Play Store. The two American giants have also quickly bounced back from the Meta conference: all the applications in question have already been deleted from the two stores.
However, David Agranovich urges users to be more vigilant and wary of apps that require credentials of any kind: ” If an app promises something too good to be true, chances are she has ulterior motives , ”he said in particular.
Meta claims to have already contacted a number of victims. Whether or not you’re one of the many, changing your password for security might not be a bad idea.