Facebook: Warning issued as over 1 million accounts have been targeted by malware

As many as 1 million Facebook accounts targeted by malware
© SOPA Images - Getty Images
As many as 1 million Facebook accounts targeted by malware
More under this ad

Meta recently announced that iPhone and Android malware apps may have stolen passwords from up to 1 million users of the platform.

The announcement was issued Meta blog post which contained a report on the impact of malware and ways to improve the collective defense against it.

Discover our latest podcast

Their researchers found that there were more than 400 malware apps this year that were designed to steal the login information of Facebook users. Meta's Newsroom reports:

More under this ad
More under this ad
These apps were listed on the Google Play Store and Apple’s App Store and disguised as photo editors, games, VPN services, business apps and other utilities to trick people into downloading them.

How do they work?

thumbnail
Up to 1 million Facebook accounts compromised Stock Depot - Getty Images
More under this ad
More under this ad

The method is relatively simple. Most of the apps would ask for a Facebook login in order to access them - something not unusual on its own as legitimate apps do this also. Then, whilst guiding users through the login process, in the background the apps would target user info including passwordsand two-factor authentication for nefarious means.

Meta’s Director of Global Threat Disruption, David Agranovich stated that users everywhere were at risk. Forbes reports:

More under this ad
More under this ad
Our sense here is that this wasn't kind of a specific geographically targeted thing. This was more an attempt to just get access to as many login credentials as possible

How to stay safe

Agranovich went on to say that users should be more wary about the apps they use and query why certain simple apps would need their Facebook login. Users should also look at reviews for any apps they download as they can provide clues as to whether it is a scam. Another tell-tale sign is if the app promises features that it does not deliver.

More under this ad
More under this ad

If you have been affected by any of these scams and believe you may have downloaded a malware app and used your Facebook login, follow these steps:

  1. Delete the app immediately and reset and create new strong passwords.
  2. Enable two-factor authentication.
  3. Turn on login alerts so you will be aware if anyone is trying to login to your account. It is also a good idea to check past logins to make sure you recognise all the devices.

Meta also encourages users to report any malicious applications to them through their Data Abuse Bounty program.

Sources Used:

- Forbes 'Malware Apps May Have Stolen The Passwords Of 1 Million Facebook Users, Meta Says'

- Meta Newsroom 'Protecting People From Malicious Account Compromise Apps'

Read more:

Facebook Marketplace warning: There's a new costly scam you should be aware of

Netflix users warned to turn on important setting immediately to protect their account

If you use Facebook, you need to be careful after this warning

More under this ad