Club Benefits
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Daily (Mon-Sun)
Tom's Guide Daily
Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.
Weekly on Thursday
Tom's AI Guide
Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!
Weekly on Friday
Tom's iGuide
Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.
Weekly on Monday
Tom's Streaming Guide
Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
A new report from Meta has found more than 400 malicious applications for both Android and iOS designed to steal users' Facebook credentials.
From camera editor software to VPN services, these apps managed to evade detection and feature in allegedly secure official app stores. Both Apple and Google reacted to these findings, taking them down from Apple's App Store and Google's Play Store respectively.
However, all this makes it clear how cybercriminals have refined their craft, developing malware applications that more and more closely resemble legit software.
Fake apps to infiltrate people's social media accounts
As the report shows, malware apps operate in a very simple way. Asking for users' Facebook credentials as the only option to start using such tools, hackers can easily steal people's usernames and passwords to then infiltrate into their social media accounts.
"Our sense here is that this wasn't kind of a specific geographically targeted thing. This was more an attempt to just get access to as many login credentials as possible," said David Agranovich, Meta’s director of threat disruption, during a press briefing, reported by Forbes.
Among these 400+ dangerous apps, the most afflicted (over 42%) were photo editors. These were followed by business and phone utility tools, like some flashlight apps for example, comprising almost 30% of the threats. More than 11% were allegedly secure VPN software claiming to help you bypass online censorship and pump up your browsing speeds. Other fake applications also included games and lifestyle services such as horoscopes and fitness trackers.
Meta suggests that malicious developers might create these fake apps with a "fun or useful functionality" at its core in order to attract more users.
They may publish fake positive reviews to boost apps' credibility, while trying to hide negative feedback pointing out their harmful nature.
Even though both Apple and Google have now removed such applications from their online stores, Agranovich assured that Meta would be warn the one million users who had come into contact with the applications in case their information had been compromised.
