Meta Identifies 400 Apps That Steal Logins
Written by Kay Ewbank   
Tuesday, 18 October 2022

Meta has identified more than 400 malicious Android and iOS apps this year that target people across the Internet to steal their Facebook login information. The company has reported its findings to Apple and Google and is working to help Facebook users learn more about how to stay safe and secure their accounts.

The company formerly known as Facebook says that the apps were listed on the Google Play Store and Apple’s App Store and disguised as photo editors, games, services and utilities to trick people into downloading them.


Meta gave examples of photo editors, including those that claim to allow you to “turn yourself into a cartoon” VPNs claiming to boost browsing speed or grant access to blocked content or websites; and phone utilities such as flashlight apps that claim to brighten your phone’s flashlight.


Other examples included mobile games falsely promising high-quality 3D graphics; health and lifestyle apps such as horoscopes and fitness trackers; and business or ad management apps claiming to provide hidden or unauthorized features not found in official apps by tech platforms.

The Meta researchers found that while some users worked out that the apps were defunct or malicious and left reviews, these were hidden by the developers publishing fake positive reviews.

Meta is encouraging people to be cautious when downloading a new app that asks for social media credentials and providing practical steps to help people stay safe. The advice starts with resetting and creating strong passwords, and includes enabling two-factor authentication, preferably using an Authenticator app, to add an extra security layer to your account; and turning on log-in alerts so you’ll be notified if someone is trying to access your account. Meta is also encouraging people to report malicious applications that compromise Meta accounts through the company's Data Abuse Bounty program.

A list of the apps identified by Meta is available here.


More Information

Meta Data Abuse Bounty Program

Threat indicators in CSV, TSV, and JSON formats

Related Articles

Google Matches Apple's App Store Cut

What Apps Are Removed From The App Store?

Microsoft Launches Apps Bug Bounty Program 

Over $21 Million In Google Bug Bounty

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.


Apple Swift Student Challenge Results Now In

Apple's Swift Student Challenge is an annual competition  designed to encourage software coding among young people.This year 50 "Distinguished Winners" were invited to attend WWDC24 where, to the [ ... ]

GitHub Actions Adds Arm-Hosted Runners

GitHub has added Arm-based Linux and Windows runners for GitHub Actions. The developers say the addition provides power, performance and sustainability improvements for all your GitHub Actions jobs.

More News

C book



or email your comment to:

Last Updated ( Tuesday, 18 October 2022 )