A set of nine malicious Android apps that steal Facebook credentials were found on Google Play. The apps all used an unusual tactic of loading a legitimate Facebook page as part of the data theft. Pop-ups informed users that to access all of the apps functions and to disable in-app ads, users would need to log into their Facebook accounts. Once they did, their passwords and user names were harvested. They are: PIP Photo, Processing Photo, a photo-editing software from a developer called chikumburahamilton
Source: https://threatpost.com/android-apps-google-play-facebook-credentials/167563/