400 apps caught stealing Facebook login data

October 7, 2022

By Kim Komando

Remembering your username and password for a service or app can be challenging. You should always use a complex password, but many people forgo the advice and use easily crackable ones. This can have dangerous consequences, especially if you use the same credentials for multiple accounts.

Big Tech companies and social media sites make things more dangerous by letting you sign into other apps and services using one set of credentials. For example, you can sign into games or apps on Facebook with your Facebook login data.

Read on to find out how Facebook’s parent company Meta found hundreds of apps that abuse the technology.

Here’s the backstory

Whether you use an Android or iOS phone, you can use your Facebook or Google credentials to sign into many apps and services.

But Meta recently found over 400 Android and iOS apps that abuse this convenient way of signing in. The apps claim to be anything from photo editors and VPN services to phone utilities and mobile games. But they all have one goal: to steal your Facebook login details.

It begins with fake apps disguised as fun games or functionality tools published on app stores but created to spread malware, Meta explains.

Tap or click here for the full list of dangerous apps.

Y

After you install a malicious app, it asks you to sign in with your Facebook credentials before proceeding. The malicious app sends the data to the criminals if you supply the information.

This gives them full access to your Facebook profile, where they can spread spam through messages or access confidential details. They can even steal personal information from your page and create another pretending to be you to trick friends and family.

While Meta didn’t disclose the malicious apps’ official names, it provided some statistics. Over 40% of the malicious apps are photo editors, 15% are business and phone utilities, 11% are mobile games, and just over 11% are virtual private networking apps.

What you can do about it

Meta said it sent the findings to Google and Apple and contacted people who may have unknowingly self-compromised their accounts by downloading malicious apps.

Here are some ways to stay safe from apps hiding malware:

Keep reading

Free app to quickly remove your pics and posts on Facebook, Twitter and more

30-second privacy check every Google and Facebook user must do today

https://www.komando.com/news/social-media/apps-stealing-facebook-login-data/