These malicious mobile apps, which disguised themselves as photo editors, games, VPN services, business apps, and other utilities were listed on Google’s Play Store and Apple’s App Store. These apps stole the login details of around 1 million users. According to Meta, malicious photo editors apps accounted for the most downloads at 42.6%, followed by mobile apps like Business Utility (15.4%), Phone Utility (14.1%), Game (11.7%), VPN (11.7%), and Lifestyle (4.4%). Prior to publishing the report, Meta had notified these rogue apps to Apple and Google, who have removed them from their app stores. Here is the list of all 403 malware apps, of which 356 belonged to Android and 47 to iOS. The company will also be notifying at least 1 million users whose login information may have been stolen due to exposure to one of the malicious apps. “We are also alerting people who may have unknowingly self-compromised their accounts by downloading these apps and sharing their credentials, and are helping them to secure their accounts,” David Agranovich, Director, Threat Disruption and Ryan Victory, Malware Discovery and Detection Engineer wrote in the blog post.
How Did These Malicious Apps Work?
The majority of the malware apps detected on Apple and Google’s app stores were disguised as fun or useful functionality apps such as cartoon image editors or music players.
How Did These Malicious Apps Work?How To Stay Safe
In order to conceal negative reviews by users and make the malicious apps look more legitimate, developers published fake reviews for the same to trick users into downloading the malware. Once the app is installed, users would be prompted to set up an account by using the “Login with Facebook” information. If they entered their credentials, it made it possible for the malicious app to steal their username and password. “If the login information is stolen, attackers could potentially gain full access to a person’s account and do things like message their friends or access private information,” the company added.
How To Stay Safe
Before logging into a mobile app with your Facebook account, it is important to check if the app requires social media credentials to use it, verify the authenticity of the app as well as the app’s developer, and check promised features of the app. If you believe you have downloaded a malicious app, Meta recommends you delete the app immediately from your device. Then secure your account by resetting your password, enabling two-factor authentication, and turning on log-in alerts to get notified if there is any unauthorized access. Google has confirmed that all the apps identified in the Meta report are no longer available in the Play Store. “Users are also protected by Google Play Protect, which blocks these apps on Android,” a Google spokesman said. Apple too confirmed that all the detected malicious apps have been removed from the App Store.