The Pink Camera and Pink Camera 2 apps had been installed around 10,000 times, according to Kaspersky researchers. They included genuine (though limited) photo-editing functionality, but also came with a highly dangerous backdoor that could offer the attacker almost complete control over an infected device. Once a victim was infected, the MobOk malware collected device information, such as the associated phone number, in order to exploit this information in later stages of the attack. The attackers signed the victim up for paid online subscription services that they had in fact set up.
Source: https://threatpost.com/mobok-malware-google-photo-editor/145932/