ni Lolet Abania | October 8, 2022
Nagbabala ang Meta nitong Biyernes sa milyon-milyong Facebook users na sila ay posibleng “exposed” na sa tila tinatawag na innocuous smartphone applications na dinisenyo umano para magnakaw o mag-steal ng mga passwords sa social network.
Sa ginanap na briefing, ayon sa director ng threat disruption na si David Agranovich, hanggang sa kasalukuyang taon, nakatukoy ang Meta ng mahigit sa 400 “malicious" apps na pasadya para sa mga smartphones, kung saan powered ng Apple o Android software at available sa Apple at Google app stores.
“These apps were listed on the Google Play Store and Apple’s App Store and disguised as photo editors, games, VPN services, business apps and other utilities to trick people into downloading them,” pahayag ng Meta sa isang blog post.
Batay sa security team ng Meta, madalas na ang naturang apps ay magsasabi sa mga indibidwal na i-login ang kanilang Facebook account information upang magamit ang mga promised features, hanggang sa mag-steal o kukuhanin na ang mga usernames at passwords kapag pumasok na rito.
“They are just trying to trick people into entering in their login information in a way that enables hackers to access their accounts,” sabi ni Agranovich tungkol sa apps.
“We will notify one million users that they may have been exposed to these applications; that is not to say they have been compromised,” saad ng director.
Mahigit sa 40 porsiyento ng apps na naitala ng Meta ay sangkot ang mga paraan sa pag-edit o pag-manipulate ng images o larawan, at ilang tila simple lang gaya ng paggamit ng smartphones bilang flashlights.
“Our sense is these types of malicious app developers try to target multiple services,” giit ni Agranovich na aniya, tinatarget ng mga app creators ang mga passwords higit pa sa Facebook accounts lamang.
“The targeting here seemed to be relatively indiscriminate -- get people to download the applications around the world in an attempt to get access to as many login credentials as possible,” paliwanag ni Agranovich.
Ayon sa Meta, “it shared what it discovered with Apple and Google, who control what is offered at their respective app shops and each vet offerings.”
Sinabi rin ng Apple sa AFP (Agence France-Presse), “only 45 of the 400 applications highlighted by Meta were on its operating system, and that the company has already removed them from its app store.”
Batay naman sa Google, “most of the apps Meta flagged had already been identified and removed from the Play store by its own vetting systems.”
“All of the apps identified in the report are no longer available on Google Play,” pahayag ng spokesperson sa AFP.
“Users are also protected by Google Play Protect, which blocks these apps on Android,” dagdag pa nito.
Comments