fbpx
The annual Global Impact Conference 2022 brings together visionary business leaders to revolutionize educational systems and inspire collaborative actionRead more APO Group announces content partnership with Pan-African broadcaster VoxAfricaRead more MainOne, an Equinix Company’s MDXi Appolonia Achieves Tier III Constructed Facility certification (TCCF), Now Most Certified Data Center in GhanaRead more United Nations High Commissioner for Refugees (UNHCR) warns rising tide of hunger, insecurity, and underfunding worsening gender-based violence risksRead more The Royal Thai Embassy presents the cultures of Thailand at the Association of Southeast Asian Nations (ASEAN) Festival in KenyaRead more Climate change is the biggest global threat, young people in Africa and Europe tell European Investment Bank (EIB), Debating Africa and Debating EuropeRead more $2 million in prizes awarded at Conference of the Parties (COP27) to African youth-led businessesRead more Africa and Europe’s top business and public sector leaders gather to chart Africa’s economic rebirthRead more Senegal to Host 8th All Africa Music Awards (AFRIMA), Tagged The Teranga EditionRead more The Thai delegation’s active participation at the 145th Assembly of the Inter-Parliamentary Union (IPU) in KigaliRead more

Meta warns of password stealing phone apps

show caption
Meta says hundreds of mobile apps that made their way past vetting at online shops run by Apple and Google were actually designed to dupe people into logging into Facebook accounts, stealing passwords in the process./AFP
Print Friendly and PDF

Oct 10, 2022 - 09:33 AM

SAN FRANCISCO — Meta warned a million Facebook users Friday that they have been “exposed” to seemingly innocuous smartphone applications designed to steal passwords to the social network.

So far this year, Meta has identified more than 400 “malicious” apps tailored for smartphones powered by Apple or Android software and available at the Apple and Google app stores, director of threat disruption David Agranovich said during a briefing.

“These apps were listed on the Google Play Store and Apple’s App Store and disguised as photo editors, games, VPN services, business apps and other utilities to trick people into downloading them,” Meta said in a blog post.

The apps often ask people to login with their Facebook account information to use promised features, stealing usernames and passwords if entered, according to Meta’s security team.

“They are just trying to trick people into entering in their login information in a way that enables hackers to access their accounts,” Agranovich said of the apps.

“We will notify one million users that they may have been exposed to these applications; that is not to say they have been compromised.”

More than 40 percent of the apps Meta listed involved ways to edit or manipulate images, and some were as seemingly simple as using smartphones as flashlights.

“Our sense is these types of malicious app developers try to target multiple services,” Agranovich said, noting the app creators are likely after passwords to more than just Facebook accounts.

“The targeting here seemed to be relatively indiscriminate — get people to download the applications around the world in an attempt to get access to as many login credentials as possible.”

Meta said that it shared what it discovered with Apple and Google, who control what is offered at their respective app shops and each vet offerings.

Apple told AFP that only 45 of the 400 applications highlighted by Meta were on its operating system, and that the company has already removed them from its app store.

Google said that most of the apps Meta flagged had already been identified and removed from the Play store by its own vetting systems.

“All of the apps identified in the report are no longer available on Google Play,” a spokesperson told AFP.

“Users are also protected by Google Play Protect, which blocks these apps on Android.”

  • bio
  • twitter
  • facebook
  • latest posts

LMBCNEWS.COM uses both Facebook and Disqus comment systems to make it easier for you to contribute. We encourage all readers to share their views on our articles and blog posts. All comments should be relevant to the topic. By posting, you agree to our Privacy Policy. We are committed to maintaining a lively but civil forum for discussion, so we ask you to avoid personal attacks, name-calling, foul language or other inappropriate behavior. Please keep your comments relevant and respectful. By leaving the ‘Post to Facebook’ box selected – when using Facebook comment system – your comment will be published to your Facebook profile in addition to the space below. If you encounter a comment that is abusive, click the “X” in the upper right corner of the Facebook comment box to report spam or abuse. You can also email us.