Tech News

The 3 questions every Facebook user should ask themselves to recognize malicious apps

The applications are developed by cybercriminals with the intention of extracting information from the devices that download them.

the technology company Goal carried out computer surveillance work and was able to identify a total of 400 applications in the app store Y Play Store that threatened the cybersecurity of millions of users around the world because, through them, cybercriminals who infiltrated malware to their victims’ devices to steal information.

[article_mb_code]

This investigation, carried out during the last year, resulted not only in the identification of these threats, but also, through coordinated work with Google Y Manzanathese were removed from the app stores to prevent further production cyber attacks against users.

During an exclusive interview with TechMarkup, David AgranovichDirector of Security Policy in Goal globally, shared three questions that Meta encourages people to ask each time they try download an app to recognize when this is actually a malicious app.

Does it make sense for this app to connect to Facebook?

[article_mb_code]

First of all, users should ask themselves if the downloaded application really needs the information offered by a link with Facebook or other accounts on social networks to be able to operate normally.

Users should ask themselves if it makes sense for an application to ask to login to Facebook before being used. REUTERS/Dado Ruvic/Illustration
Users should ask themselves if it makes sense for an application to ask to login to Facebook before being used. REUTERS/Dado Ruvic/Illustration

According to the information provided by Agranovich, among the 400 applications that were removed from stores Google Y Manzanait was identified that 42.6% of them fulfilled the function of photo editor, 15.4% were related to work uses, 14.1% to device uses, 11.7% were games, 11.7% said they were VPNs and 4.4% were health and Lifestyle.

[article_mb_code]

However, among all these applications it was also possible to see that some requested that users connect it to Facebook before using it. “If a person downloads a app flashlight, but before I can use it it tells me that I need to log in with Facebook. That’s probably something fishy,” Agranovich said.

What is the reputation of the app?

In the app stores, either in app store or in the Google Play Storepeople will be able to find a series of comments about how the app they install is useful, how it works and what possible flaws it may present.

According to TechMarkup, the representative of Goal, these are important to know if an application is potentially malicious or not. For Agranovich, it is very important that users read some of the negative reviews that the applications have.

[article_mb_code]
Users should read negative app reviews for any that might indicate the app being downloaded is malicious. (Bitdefender)
Users should read negative app reviews for any that might indicate the app being downloaded is malicious. (Bitdefender)

“In some of them, people could even appear who, explicitly, say that they consider that the app it is a scam or that it does not do what it says”, he affirmed.

Does the app seem too good to be true?

Malicious apps will also try to convince users that downloading them is good, so they offer functions that could appear exaggerated or misleading. David Agranovich also considers that this could be seen by users as a bad sign about the intentions of the apps.

“If the app is promising features that are too good to be true like new capabilities within the platforms of Goalthen it is likely that he has other intentions, “he assured TechMarkup.

Coordination with Apple and Google

Meta’s research work also involved team effort with Apple and Google in order to eliminate these malicious actors that used applications as fronts for their intentions.

Meta shared the results of its research with Google and Apple to help companies improve their security systems and protect users. REUTERS/Dado Ruvic/Illustration/File Photo
Meta shared the results of its research with Google and Apple to help companies improve their security systems and protect users. REUTERS/Dado Ruvic/Illustration/File Photo

Agranovich indicated to TechMarkup that this type of collaboration between companies in the technology industry is usual and that it has the objective of protect users.

“The best thing we can do is not only increase our defenses, but help our partners in the industry do it too, so that if these threats happen on their platforms, we are all working together to make sure they can’t do what they do. what they do,” he said.

In addition, he also said that these collaborations are not uncommon and that when other companies detect malicious activity, they also share their information with Meta.

How malicious apps work

According to information collected by Goal in his research work, these applications are developed by cyber criminals with the intention of extracting information from the devices that download them.

The applications are developed by cybercriminals with the intention of extracting information from the devices that download them. (photo: 20Minutes)
The applications are developed by cybercriminals with the intention of extracting information from the devices that download them. (photo: 20Minutes)

Generally, these applications indicate having fun or useful featuressuch as image editors to create cartoons or music players, and publish them in online stores. Applications.

Also, to hide negative reviews from people who have detected the malicious nature of these apps, developers can post fake reviews to make people download this malware. This is why, according to Agranovich, users should check out unfavorable reviews for apps.

Once a person installs this app, they can request to “login with Facebook” before they can use the features it promises. If the user enters his data, the malware inserted into the device can steal the information access, such as user and password use them for login.

In case the information is stolen, the attackers will then be able to gain access to the user’s account and use the information it contains in new forms of cyberattack.

:

Back to top button