Social networks are the order of the day. Most of us have accounts on Facebook, Instagram, Twitter, and other similar networks. Over time, and almost without realizing it, we upload all kinds of personal information to these networks so that, little by little, the account gains value. Therefore, hackers always look for the slightest opportunity to trick users and get hold of them and all the data. And so, in a new security audit, Meta has found more than 400 apps, for Android and iOSused to steal user data.
Hackers seek to gain control of victims’ social networks for many reasons. For example, thanks to them they can collect information about users, and then sell it on the Deep Web to the highest bidder. They can also use these networks to create fake identities online and to carry out phishing attacks, and even to use our account to carry out scams or phishing.
As stated in the new Meta report, the company has detected more than 400 very popular applications used in order to obtain user data. These applications, with malicious code, have been published in both the Android Play Store and the iOS App Store. In addition, they have been hidden in all kinds of categories, such as photo editorsMusic players, VPN appsflashlights, health applications, games, etc.
The modus operandi of these apps was simple. When the user downloaded and installed them, upon opening them they were asked to log in with their Facebook account to access all the app’s functions. By doing so, the user was submitting their credentials to a server controlled by the hackers. And, with the username and password in their possession, hackers could take full control of the account.
These apps had many negative reviews in the app stores, although the developers have worked to publish positive reviews as well to mislead victims.
Meta warns: protect your Facebook account
Meta security experts remind users that Not all apps that ask to log in with Facebook are dangerous. But, in this case, it has happened that yes. The company strongly recommends that if we have used any of these applications, or suspect that we have entered our Facebook data on a suspicious website or login window, we take action as soon as possible.
From the company they recommend us change the password of our account as soon as possible to prevent hackers from keeping control of our account. In addition, they also recommend enabling additional security measures, such as two-step authentication to better protect our accounts. And finally, once we are inside the account check connection history so we can find out whether or not someone has been using our account without permission. And, if so, review (and delete) comments or messages that the pirate may have left.
