Meta is warning Facebook users that dozens of “malicious mobile apps” have infiltrated users’ iPhones via the App Store. Security researchers have found hundreds of apps that “were designed to steal Facebook login information and compromise people’s accounts” and could have compromised more than a million logins.
While the company has uncovered more than 400 apps in total, only about 50 are from the iOS App Store, and all have been removed from sale. Meta reports that the apps, which were listed on the Google Play Store and Apple’s App Store as legitimate apps, were “disguised as photo editors, games, VPN services, business apps and other utilities to trick people into downloading them.”
The majority of apps were photo editors, specifically “those that claim to allow you to turn yourself into a cartoon,” followed by games, flashlight brightening apps, and VPNs. When installed on an iPhone, the apps ask users to Login With Facebook before they can use them. Once they do, hidden malware will steal their username and password and could use them to gain full access to their account.
Meta says users who have downloaded the apps should delete them from their phone and change their Facebook password. The company also recommends enabling two-factor authentication and turning on login alerts to get notified if someone is trying to access your account. The company estimates that more than a million users may have fallen victim to the fake apps.
These are the apps that Meta has identified as malicious:
iOS App ID | App Name |
1555651942 | FB Advertising Optimization |
1561642325 | Business ADS Manager |
1563142182 | Ads Analytics |
1564091908 | FB Adverts Optimization |
1566705026 | FB Analytic |
1566706023 | FB Adverts Community |
1574530186 | Adverts Ai Optimize |
1587056055 | Very Business Manager |
1591775710 | FB Business Support |
1593368297 | Fb Ads |
1596775769 | Meta Optimizer |
1597553589 | Business Manager Pages |
1598946098 | Adverts Manager |
1600072709 | Meta Adverts Manager |
1600404846 | Ad Optimization Meta |
1601275530 | FB Pages Manager |
1602637866 | Business Ads |
1603255418 | Meta Business |
1603571287 | Business Suite Manager |
1604086670 | FB Ads Cost |
1607057895 | Adverts Bussiness Suite |
1608743187 | Business Ads Clock |
1609915932 | Ads & Pages |
1610859814 | Business Suite |
1610944161 | Business & Ads |
1612196202 | Business Manager Overview |
1613983385 | Business Suite Ads |
1619733733 | Page Suite Manager |
1622402517 | Business Meta Support |
1623362126 | Pages Manager Suite |
1625368035 | Business Meta Pages |
1626632781 | Business Suite Ads |
1626692617 | Ads Business Knowledge |
1629919774 | Page Suite Managers |
1631778308 | Pages Managers Suite |
1632069527 | Ads Business Advance |
1632606219 | Pages Manager Suite |
1633012933 | Business Suite Optimize |
1633016482 | Business Manager Suite |
1633078757 | Business Suite Managers |
1633828994 | Ads Business Manager |
1635045234 | Ads Business Suite |
1635301567 | Business Manager Pages |
1635555183 | Business Adverts Manager |
1636196931 | Ads Manager Suite |
1636825108 | Business Manager Pages |
1639572841 | Ads & Business Suite |
Affected users may receive an email from Facebook alerting them to a potentially compromised account, but anyone who may have downloaded one of the above apps should change their password immediately.