Meta says nearly a million Facebook users’ login information compromised by malicious apps

According to the company, 42.6% of identified malicious apps took the form of photo editors

Updated - October 11, 2022 06:01 pm IST

Published - October 11, 2022 03:06 pm IST

A file photo of Facebook parent Meta’s logo

A file photo of Facebook parent Meta’s logo | Photo Credit: AP

About a million Facebook users’ accounts may have been compromised after they downloaded malicious apps that stole login information, Meta Platforms said last week.

(For insights on emerging themes at the intersection of technology, business and policy, subscribe to our tech newsletter Today’s Cache.)

According to a company blog post on October 7, Meta identified over 400 malicious Android and iOS apps that tried to steal users’ credentials, mainly by having them log in through Facebook.

“We’ve reported these malicious apps to our peers at Apple and Google and they have been taken down from both app stores prior to this report’s publication,” said Meta in its statement.

Meta provided an extensive list of both Android and iOS apps which included photo editors, voice changers, SEO optimisers, business suite tools, VPN apps, fitness aids, and games.

According to the company, 42.6% of identified malicious apps took the form of photo editors.

Users and security experts have questioned how the malicious apps were listed on regulated platforms like the Google and Apple app stores.

Meta also said it was in touch with users whose accounts may have been compromised.

The social media giant advised people who suspected security breaches to delete any suspicious apps, reset their Facebook accounts with new and strong passwords, enable two-factor authentication, and turn on login alerts to be aware of any hacking attempts.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in


Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.