Facebook detects 400 applications for iOS and Android that steal user credentials

Meta, the parent company of Facebook, indicated that the accounts of about a million users of that popular social network have been compromised due to the malicious activity of 400 applications for Android and iOS, designed to steal access credentials.

According to the technology company, these apps _whose names are detailed in a bulletin_ are available in the Google and Apple stores and pretended to offer photo editing services, virtual private networks (VPN), activity monitors, among other types of utilities, with the goal of getting users to download them.

It was detailed that these rogue apps, once installed, required to log in with the Facebook account to supposedly access the features. Nevertheless, its real purpose was to steal the credentialsdetails Meta on its official site.

Ecuador is among the five Latin American countries in whose companies the most malicious computer detections are registered

Ways to spot fake emails and avoid falling for phishing

Some examples of these apps include:

• Photo editors, including those that claimed to “turn you into a cartoon”
• VPNs claiming they would improve your browsing speed or grant you access to blocked content or sites
• Features for the phone like apps that claimed to increase the brightness of the phone’s flashlight
• Mobile video games that promised high-quality 3D graphics
• Health and lifestyle apps like horoscopes or fitness trackers.
• Business apps or ad management, saying that they granted access to unauthorized functions that are not found in official apps of technological platforms

“If login information is stolen, attackers could gain full access to a person’s account and do things like send messages to your friends or access private information“, It indicated.

Meta alerted Apple and Google to these apps, which have already been pulled from the app stores. In any case, and since they can still be installed on users’ phones, the company suggests resetting the password and creating a new one.

The company advises the following instructions to secure accounts:

• Create a new strong password. Never use the same password for different services or websites.
• Turn on two-step authentication, preferably using an authenticator app, to add an extra layer of security to your account.
• Turn on login alerts to be notified if someone is trying to access your account. Be sure to review previous sessions to ensure that you recognize the devices that have access to your account.

In addition, users can also report malicious apps that compromise Meta accounts.

They discover a cyber-scam in which they impersonate PayPal’s identity to obtain banking information

This is ‘Fakecalls’, the Trojan that pretends to be a bank ‘app’ and imitates your telephone conversations

The director of global threat disruption at Meta, David Agranovich, indicated that the company will notify about a million users whose accounts they believe have been compromised, according to details. Bloomberg. (YO)