Mata Platforms Inc. on Friday announced that they have identified more than 400 malicious iOS and Android apps this year that have been stealing the login credentials of the internet users. The company would soon be informing its 1 million Facebook users that their login credentials may have been compromised due to malicious apps they downloaded from Apple store and Google Play store. They will also be sharing tips with potential victims on how they can avoid this in the future.
Out of the 400 apps that Meta uncovered 45 were from Apple store while the rest were from Google Play store. Meta has informed both Apple and Google regarding the security issue in order to remove these apps from their stores. Both Apple and Google have taken down the mentioned apps.
According to the warning by Facebook, these apps were listed on Google Play store and Apple app store disguised as photo editors, mobile games, VPN services, business apps and health trackers. In order to hide out negative comments the attackers publish fake positive reviews and trick people to download the malware.
Once a malicious app installed users are prompted to log in using Facebook making it easier for the app to steal the login credentials. Once the attacker has the login credentials they can gain full access to a person's account and gain access to private information or even send out messages to friends.
The site also says that the iOS apps identified by the company mostly appear to be targeting business users using names like Meta Business and FB Analytics.
If your login credentials have been compromised then according to the guidelines by Facebook you should first delete the app and reset the password. Then you should enable two-factor authentication and turn on log-in alerts so that you know if anyone has accessed your account.
