Can GhostTeam Adware Really Steal Facebook Credentials?

Written by Novak Bozovic
Last updated July 10, 2021

The tech giants Google, with the help of mobile security teams from Trend Micro and Avast, has uncovered a new breed of malware that can be used to steal Facebook credentials on the Android platform. Infected devices can, in turn, push advertisements to unsuspecting users. Although the malware was discovered and reported to the Google team just recently, experts say that the malware had been active in the Play Store since April last year.

Teams from Trend Micro and Avast have reported that a total of 53 apps on the Play Store. Most of the infected apps have been on the Android Play Store since April 2017 and were put in Play Store by a wave.

Well, the bad news is that the GhostTeam adware really did what it was designed to do, steal Facebook credentials, infect devices, and push ads to unsuspicious users. The good news is that since its discovery, all of the 53 infected apps have been removed from the official Play Store.

Here are a few interesting facts about the adware:

Adware Stats

Trend Micro has made a list all the infected applications. If you find any of the apps on your device, change your Facebook credentials immediately and activate two-factor authentication.

Mobile security experts from Avast and Trend Micro say scoundrels used the malware to earn money through the advertisements they pushed to infected devices. That was made possible by unsuspected users who through surreptitious sharing and liking content with their compromised accounts, became part of an unscrupulous social promotion service.

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: