Meta, the parent company of Facebook, has warned its users about hundreds of apps on Apple and Google's app stores that were specifically designed to steal login credentials to the social network app.
According to The Verge, the company has said that over 400 malicious apps disguised as games, photo editors, and other utilities have been identified by them.
Facebook is notifying users who "may have unknowingly self-compromised their accounts by downloading these apps and sharing their credentials."
As per Bloomberg, a million users were potentially affected.
In its post, Meta said that the apps tricked people into downloading them with fake reviews and promises of useful functionality; both are common tactics for other scam apps that are trying to take your money rather than your login info.
However upon opening some of the apps, users were prompted to log in with Facebook before they could actually do anything and if they did, the developers were able to steal their credentials, reported The Verge.
Meta says that it reported the apps to Google and Apple and got them taken down, but it's still not a great look that they made it onto the stores in the first place.
Facebook's report indicates that the issue is significantly worse on the Play Store as out of the 402 malicious apps on its list, 355 were for Android, and 47 were for iOS.
As per The Verge, interestingly, the Android ones spanned a wide range of genres, from games, VPNs, photo editors, and horoscope apps, every single one for iPhone was related to managing business pages or ads.