Meta on Friday announced that its researchers found more than 400 malicious Android and iOS apps this year that were designed to steal Facebook login information and compromise people’s accounts.
The apps were apparently listed on Apple App store and Google Play Store. These were disguised as photo editors, games, VPN services, business apps and other utilities to trick people into downloading them.
In a statement, Meta said, “We’ve reported these malicious apps to our peers at Apple and Google and they have been taken down from both app stores prior to this report’s publication.”
Meta is currently alerting people who may have unknowingly self-compromised their accounts by downloading these apps and sharing their credentials. The company is also helping such users secure their accounts.
The social media giant revealed that these well-disguised apps used various tactics to evade detection including covering up negative reviews and publishing fake reviews to trick users into downloading malware.
If any user feels that they have downloaded a malicious app and logged into their social media or online credential, they are recommended to delete the app from device. Meta advises such users to reset and create new strong passwords for their accounts and enable two-factor authentication.