Facebook’s parent company Meta has revealed that one million accounts have had their passwords stolen via mobile apps. There would be more than 400 apps available on iPhone and Android, including 40% of photo editing apps that stole the passwords.
This is in fact what David Agranovich, Director of Cybersecurity Teams at Meta, said in a blog published by Meta.
These apps stole Facebook account usernames and passwords by requiring users to log into their profile to unlock certain features.
According to Agranovich, it cannot be ruled out that these apps also wanted to steal other credentials for other types of accounts.
The types of malicious applications affected
Of these 400 malicious applications, 40% would be photo editing applications. The others would be utility apps like a flashlight app, work apps, games, VPNs, and lifestyle apps.
Application type breakdown among the 400 malware identified by Meta.
Google and Apple have been made aware of the malicious activities of these applications and for now only Google has specified that it has removed the applications in question from its catalogue.
Protect your Facebook account
All Facebook users whose account password has been stolen will be notified by Meta.
“We’re going to let a million people know they may have been exposed to these apps – it doesn’t necessarily mean they were hacked.” »
If applicable, users will be prompted to change their password.
As a precaution, it is possible to change the password of your Facebook account at any time.
Enabling double authentication is also a great way to protect your Facebook account.
When someone has our password, they encounter a second barrier in the form of an ephemeral code that we receive via SMS or generate through a double authentication application.
How to enable two-factor authentication on Facebook to protect your account
Protect your accounts with a two-factor authentication app