1M Facebook users warned, Logins stolen by scammy mobile apps

Meta is warning Facebook users about hundreds of apps on Apple and Google’s app stores designed to swipe login credentials to the social network app.

The company identifies over 400 malicious apps disguised as games, photo editors, and other utilities and notifies users who “may have unknowingly self-compromised their accounts by downloading these apps and sharing their credentials.”

A million users were potentially affected. The company says Apple and Google have removed the apps from their stores, but they shouldn’t have been there in the first place.

In its post, Meta says that the apps tricked people into downloading them with fake reviews and promises of helpful functionality. But upon opening some of the apps, users were prompted to log in with Facebook before they could do anything — if they did, the developers were able to steal their credentials.

Meta says that it reported the apps to Google and Apple and got them taken down, but it’s still not a fantastic look that they made it onto the stores in the first place. That’s especially true for Apple; for years, the company has argued against sideloading apps for the iPhone, saying that the ability to install apps not in the App Store, is “a cyber criminal’s best friend.”

In addition, it argues that its App Review process, which theoretically vets apps before they’re made available on the App Store, has helped it build a “trusted ecosystem for millions of apps.” Despite this, the company has struggled to reign in scam apps on its platform, with some reportedly raking in millions of dollars.

Facebook’s report indicates that the issue is significantly worse on the Play Store — out of the 402 malicious apps on its list, 355 were for Android, and 47 were for iOS. Interestingly, the Android ones spanned a wide range of genres, from games, VPNs, photo editors, and horoscope apps, every single one for iPhone was related to managing business pages or ads.

When it comes to apps that attempt to steal your login info, Meta’s post details some good warning signs to look out for. For example, suppose the app doesn’t do what it says, locks all functionality behind a login, or has loads of negative reviews. In that case, it’s probably best to give it a pass and find another, more reputable app.

Meta is one of the globe’s most profitable companies. It is believed to be one of the Big Five American information technology companies, alongside Apple, Alphabet, Amazon, and Microsoft.

Meta’s products and services contain Facebook Watch, Facebook, Messenger, and Meta Portal. It has also formulated Giphy, Mapillary, Oculus, Kustomer, and Presize and has a 9.99% stake in Jio Platforms. In 2021, the company developed 97.5% of its earnings from the sale of advertising.

In October 2021, the parent institution of Facebook altered its name from Facebook, Inc., to Meta Platforms, Inc., to “recall its focus on building the metaverse.” The “metaverse” refers to the integrated domain that links all of the company’s products and service.

Facebook pointed out an initial public offering (IPO) on January 1, 2012. The preliminary prospectus noted that the company sought to raise $5 billion, owned 845 million monthly active users, and a site accruing 2.7 billion likes and comments daily. After the IPO, Zuckerberg would hold a 22% ownership share in Facebook and own 57% of the voting shares.