Friday, May 24, 2024

Facebook Suspended More Than 10,000 Apps That Associated with 400 Developers for Abusing FB Privacy

Facebook announced that they suspended “tens of thousands” of apps associated with 400 developers due to the privacy concern, and pose a threat to the Facebook community.

After the Cambridge Analytica scandal that affected 87 Million Facebook Users, Facebook continuously focusing more and deploy the in-depth investigation to figure out the vulnerable apps.

Facebook started the investigation based on the accessibility permission that requested by the apps from Facebook users, which means “how many users they had and how much data they could access “

Later Facebook starts identifying the apps that abuse the privacy policy based on the signals associated with an app’s potential and perform the in-depth examination.

To date, the investigation has applied with millions of apps and suspended more than 10k apps for a variety of reason, and the app developers team employed by Facebook continuing their investigation.

Not All suspended App Posing threats

Facebook suspended many apps not just because of abusing the user’s privacy but many of the app that opt-in the facebook API not live, and so many test apps are never get rolled out.

“We have clarified that we can suspend or revoke a developer’s access to any API that it has not used in the past 90 days”, Facebook said.

Also, many of the app developers are not responding to a Facebook request which causes them to suspended according to Facebook’s commitment to take action.

According to Ime Archibong, VP of Product Partnerships at Facebook ” In a few cases, we have banned apps completely. That can happen for any number of reasons including inappropriately sharing data obtained from us, making data publicly available without protecting people’s identity or something else that was in clear violation of our policies.  “

In the same case, an App called myPersonality banned in last year shared the information about 3 Million Facebook Users Highly Sensitive Data with researchers and companies.

“Also, Facebook filed a lawsuit against Rankwave, a South Korean data analytics company that failed to cooperate with Facebook investigation an LionMobi and JediMobi, two companies that used their apps to infect users’ phones with malware in a profit-generating scheme.”

Likewise, To improve users privacy, Facebook continually working to set up a strong foundation by removing several APIs, and carefully review every active app whether its access to more than basic user information.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates



Latest articles

Hackers Weaponizing Microsoft Access Documents To Execute Malicious Program

In multiple aggressive phishing attempts, the financially motivated organization UAC-0006 heavily targeted Ukraine, utilizing...

Microsoft Warns Of Storm-0539’s Aggressive Gift Card Theft

Gift cards are attractive to hackers since they provide quick monetization for stolen data...

Kinsing Malware Attacking Apache Tomcat Server With Vulnerabilities

The scalability and flexibility of cloud platforms recently boosted the emerging trend of cryptomining...

NSA Releases Guidance On Zero Trust Maturity To Secure Application From Attackers

Zero Trust Maturity measures the extent to which an organization has adopted and implemented...

Chinese Hackers Stay Hidden On Military And Government Networks For Six Years

Hackers target military and government networks for varied reasons, primarily related to spying, which...

DNSBomb : A New DoS Attack That Exploits DNS Queries

A new practical and powerful Denial of service attack has been discovered that exploits...

Malicious PyPI & NPM Packages Attacking MacOS Users

Cybersecurity researchers have identified a series of malicious software packages targeting MacOS users.These...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles