Meta will warn about 1 million Facebook users that their credentials may have been stolen. The news agency reported that the victims downloaded fraudulent apps from the Apple App Store or Google Play Store Bloomberg Friday.

Mark Zuckerberg announced Friday that it has identified more than 400 malicious iOS and Android apps with the aim of stealing Facebook credentials. Meta Apple and Google have reported these issues before.

The apps in question pretended to be a mobile game, health tracker, or photo editing app. “Cybercriminals know how popular these types of apps are and will use these types of attributes to trick people into stealing their accounts and information,” said Director David Agranovich.

An error occurred, among other things, when users wanted to upload an image from a fraudulent editing app to their Facebook accounts. A fake login screen will then appear, tricking them into entering their username and password.

An Apple spokesperson said in response that 45 of the 400 apps are available in the App Store. This has since been removed. A Google spokesperson also announced that all malicious apps have been taken offline.