Facebook Issues Security Warning…. Scam Apps Stole Login Credentials For 1 Million Users

Meta/Facebook has put out a security warning to around one million users that their login credentials may have been stolen by scam apps. That’s a bad look for Facebook. But it’s a worse look for Google and Apple where there’s apps have been hosted. Here’s the details:

Meta is warning 1 million Facebook users that their account information may have been compromised by third-party apps from Apple or Google’s stores. In a new report, the company’s security researchers say that in the last year they’ve identified more than 400 scammy apps designed to hijack users’ Facebook account credentials.

According to the company, the apps are disguised as “fun or useful” services, like photo editors, camera apps, VPN services, horoscope apps, and fitness tracking tools. The apps often require users to “Log In with Facebook” before they can access the promised features. But these login features are merely a means of stealing Facebook users’ account info. And Meta’s Director of Threat Disruption, David Agranovich, noted that many of the apps Meta identified were barely functional.

“Many of the apps provided little to no functionality before you logged in, and most provided no functionality even after a person agreed to login,” Agranovich said during a briefing with reporters.

And if you’re wondering how Facebook is addressing this, here’s how:

Agranovich said that Meta shared its findings with both Apple and Google, but that it was ultimately up to the stores to ensure the apps are removed. In the meantime, Facebook is pushing warnings to 1 million people who may have used the apps. The notifications inform users their account info may have been compromised by an app — it doesn’t name which one — and recommends resetting their passwords.

Thus if you get a warning like this, don’t ignore it. But Apple and Google who let these apps on their respective app stores need to get their act together to stop this sort of thing from happening. Specifically Apple as the company has always argued that the App Store is a safe place. But this incident proves otherwise. And I am sure some people on Capitol Hill will want to get answers about that sooner rather than later.

One Response to “Facebook Issues Security Warning…. Scam Apps Stole Login Credentials For 1 Million Users”

  1. […] this week, I told you about Meta sending notifications to roughly a million people that they Facebook accounts were compromised by account login stealing malware that are in […]

Leave a Reply

%d bloggers like this: