Droid Tools

Tag: facebook

  • Google tops the list of most exploited platforms in the US

    Google tops the list of most exploited platforms in the US

    The foundation of our digital identity is our internet accounts, which are constantly targeted. Hackers are constantly looking for methods to access your data, whether it is through your social media accounts or your e-commerce login credentials, however they are more likely to target certain sites.

    Unsurprisingly, consumers’ Google accounts are the most commonly hijacked online platforms, according to a recent study from Click Insight that examined search trends between November 2024 and October 2025.

    It should come as no surprise that Google accounts are the holy grail for hackers since they are the key to unlocking a number of other native Google services. For this reason, there are more than 84,000 searches per month about “Google” account hacking.

    maxresdefault

    Now that Google is out of the way, Meta’s traditional heavyweight ranks second. According to search statistics, Facebook has 40,058 monthly queries, making it the second most abused site in the United States.

    Roblox, the third most commonly breached platform in the US, is ahead of another Meta-owned behemoth in the top five.

    RankPlatformAverage monthly hack-related searches
    1Google84,038
    2Facebook40,058
    3Roblox35,675
    4Instagram25,250
    5Microsoft18,643
    6Snapchat15,844
    7Apple13,906
    8Amazon9,092
    9TikTok8,508
    10Fortnite7,938

    Given that almost 40% of Roblox users are younger than 13, it is not shocking that threat actors find the site to be an easy target. Conversely, Instagram (#4), one of the most widely used social media sites, is a veritable treasure for hackers who want to obtain much more than simply data.

    Roblox and Instagram had 35,675 and 25,250 hack-related searches per month, respectively. With 18,643 monthly hack-related searches, Microsoft accounts complete the top five. Snapchat, Apple accounts, Amazon, TikTok, and Fortnite come next.

    You need to go beyond simple passwords in order to stay safe online, regardless of the platform. Enabling 2FA authentication and using a password manager that supports passkeys is your best line of defense against threat actors.

  • Threads app, goodbye privacy

    Threads app, goodbye privacy

    Think again if you believed that your data on Threads is private.

    All of the methods that Threads is following you and using your data are listed in the App Privacy section of the Threads App Store website. The list is very, very long, reader.

    Thursday saw the launch of Threads, Meta’s answer to Twitter, and it appears that in its first seven hours of operation, it attracted more than 10 million users.

    Click the “See Details” link in the App Privacy section of the App Store page for a comprehensive overview of the possible data collection and usage practices for Threads (opens in a new tab). But, the gist is this: Nearly all of your personal information is being gathered by Threads, including information about your transactions, finances, location, contact details, search history, and browsing habits.

    threads

    Jack Dorsey, a co-founder of Twitter, became aware of this and tweeted about the Threads App Privacy section. Elon Musk, the company’s current owner, simply said, “Yeah.”

    It doesn’t come as big surprise. The amount and breadth of data that Threads collects is similar to its sister app, Instagram(opens in a new tab) (both Threads and Instagram are owned by Meta, which also owns Facebook).

    Twitter and other significant social media platforms gather user data as well in order to provide advertisements from outside businesses more effectively. A comparable, albeit slightly condensed, overview of all the ways in which Twitter uses the data of its users can be found on its App Privacy(opens in a new tab) page.

    Even still, it’s upsetting to have to give a Twitter clone access to vast amounts of your personal information. Another Twitter competitor, Jack Dorsey’s BlueSky, which is now invite-only, claims to be looking into ways to make money without being as dependent on third parties as its rivals.

  • Messenger is wasting your phone’s battery running background tests – I knew it!

    Messenger is wasting your phone’s battery running background tests – I knew it!

    One of the most widely used messaging services is Facebook Messenger, but its parent company, Meta, has a spotty history of protecting users’ interests. The social media behemoth has recently been the target of multiple security breaches and is infamously linked to the Cambridge Analytica affair. The fact that a former data scientist for the firm believes Messenger can intentionally drain your smartphone’s battery in the sake of feature testing, potentially placing you in danger, is concerning because it shows that user interests continue to be Meta’s secondary concern.

    Data scientist George Hayward, 33, filed a lawsuit against his former employer in Manhattan Federal Court after being fired in November, terminating his three-year employment with Meta (via Android Authority). According to Hayward’s lawsuit, the business let him go because he refused to participate in negative testing, which is the technique of deliberately supplying false data to an app to ensure that it will work when users use it inappropriately.

    Messenger

    Hayward disagreed with negative testing, but not because of the method Meta used to conduct it. The battery life of a Messenger user’s phone would suffer when the business remotely initiated negative testing on that user’s device. The majority of people keep a close eye on their phone’s battery level throughout the day, but in the event of an extreme depletion, they can find themselves in a situation where they are unable to contact family or emergency services.

    According to Hayward, who spoke with the New York Post, the true risk comes from users not being aware of Meta’s negative testing procedures. But that’s not all; according to reports, Meta also gives staff members manuals on how to conduct considerate negative tests that use examples from actual research. This appears to suggest that Meta runs these tests frequently and would perhaps assign larger teams to the job. Sadly, Hayward continues, discussing the appropriateness of the procedures with superiors didn’t go over well; he hinted that refusing to submit to the tests would result in his termination.

    Hayward made certain claims, but Meta hasn’t responded to them. The lawsuit has subsequently been dropped. If the required arbitration attempts between the two parties are failed, it may go on.

    If you’re worried about Messenger’s negative testing in the interim, you can go to its Program Info page on your Android phone, pick “Battery,” and then select “Restricted,” to stop the app from operating in the background. However, be aware that this could cause delayed message alerts. Reviewing the privacy settings on your phone and looking for more battery-saving techniques may be a preferable course of action.

  • Facebook find 400 Android and iOS apps that steals log-in credentials

    Facebook find 400 Android and iOS apps that steals log-in credentials

    On Friday, Meta Platforms announced that it had discovered over 400 malicious apps on Android and iOS that it claimed were aimed at online users in order to steal their Facebook login credentials.

    According to a study provided with Droid Tools by the social media giant, “These programs were placed on the Google Play Store and Apple’s App Store and disguised as photo editors, games, VPN services, business apps, and other utilities to deceive consumers into downloading them.”

    ezgif.com gif maker 76

    42.6% of the rogue apps were photo editors, followed by business utilities (15.4%), phone utilities (14.1%), games (11.7%), VPNs (11.7%), and lifestyle apps (4.4%). Interestingly, a majority of the iOS apps posed as ads manager tools for Meta and its Facebook subsidiary.

    The owners of the plan not only disguised its nefarious nature as a collection of seemingly innocent apps, but they also posted fictitious reviews in an effort to counteract any unfavorable comments made by users who may have previously downloaded the apps.

    By presenting a “Login With Facebook” prompt, the apps ultimately served as a way to steal the user login information.

    login with facebook

    “If the login information is stolen, attackers could potentially gain full access to a person’s account and do things like message their friends or access private information,” the company said.

    Both app stores have removed all of the disputed apps. You may view the list of 402 apps, which includes 355 Android apps and 47 iOS apps.

    It is crucial to use caution while downloading apps and providing access to Facebook in order to get the claimed functionality, as it is with all programs of this nature. This entails carefully examining app permissions and user evaluations as well as confirming the legitimacy of the app creators.

    The disclosure was made at the same time that three Chinese and Taiwanese businesses were sued by Meta-owned WhatsApp for allegedly deceiving over a million users into compromising their own accounts by disseminating fake versions of the messaging software.