Mobile edge computing (MEC) enables the Internet of Things (IoT) with seamless integration of multiple application services. Federated learning is increasingly considered to improve training accuracy in MEC-IoT while circumventing the disclosure of private data, where the IoT nodes collaboratively train a machine learning model without disclosing their private data. In this paper, we propose a new cyber-epidemic attack that progressively manipulates federated learning and reduces the training accuracy of the benign MEC-IoT. The proposed cyber-epidemic attack explores adversarial graph autoencoders (GACE) to generate malicious local model updates that extract correlated features with the benign local and global models. The proposed GACE attack epidemically infects all the benign IoT nodes along with the training iterations in federated learning, while highly enhancing concealment of the attack.