Malware found in at least 56 Android apps on Google Play Store that steal Facebook login credentials. Malware dubbed GhostTeam is designed to display pop-up adverts and steal Facebook credentials. The most users affected by the malware reportedly resides in India, Indonesia, Brazil, Vietnam, and the Philippines. GhostTeam malware has since been removed by Google from the Play Store after researchers reported it to the company. Users who have already installed one such app on their devices should make sure they have Google Play Protect enabled.
Source: https://thehackernews.com/2018/01/facebook-password-hacking-android.html