Since the beginning of 2022, Meta, the parent company of Facebook and Instagram, has identified more than 400 “malicious” applications, available for smartphones operated with iOS (Apple) and Android (Google).
“These applications were present in the Google Play Store and the Apple App Store and were posing as photo editing tools, games, VPNs and other services,” he said. Goal it’s a statement.
Once downloaded and installed on the phone, these apps asked users for their Facebook credentials in order to use some features.
“They tried to encourage people to give their confidential information to allow hackers to access their accounts,” summarized Agranovich, who estimates that the developers of these applications were probably looking to recover other passwords, not just those of Facebook.
“The targeting seemed to be relatively indiscriminate,” he noted. It was about “getting as many as possible” passwords.
Goal stated that they shared their findings with Apple and Google.
Apple did not respond to an AFP request for comment, but Google said it had removed most of the apps flagged by Apple from its Play Store. Goal.
“None of the apps identified in the report are still available on Google Play,” a Google spokesperson wrote to AFP.