Facebook warning 1m users about stolen usernames, passwords

META Platforms Inc said it would notify roughly one million Facebook users that their account credentials may have been compromised due to security issues with apps downloaded from Apple Inc and Alphabet Inc’s software stores. 

The company announced last Friday that it identified more than 400 malicious Android and iOS apps this year that target Internet users in order to steal their login information. Meta said it informed both Apple and Google about the issue in order to facilitate removal of the apps. 

The apps worked by disguising themselves as photo editors, mobile games or health trackers, Facebook said. 

Apple said 45 of the 400 problematic apps were on its App Store and have been removed. Google removed all the malicious apps in question, a spokesperson said. 

“If an app is promising something too good to be true, like unreleased features for another platform or social media site, chances are that it has ulterior motives,” said David Agranovich, director of global threat disruption at Meta. 

Meta said it would be sharing tips with potential victims on how they can avoid being “re-com- promised” by learning how to better spot problematic apps that pilfer credentials, whether for Facebook or other accounts. 

The malicious activity occurred off Meta systems, Agranovich said. — Bloomberg 


  • This article first appeared in The Malaysian Reserve weekly print edition