A bunch of folks who wanted to download videos or get a flashlight app got a nasty surprise.

Security researchers have identified 53 apps that came loaded with malware designed to steal people’s Facebook credentials and bombard them with pop-up ads. These apps were downloaded more than 100,000 times by unsuspecting users.

The malware is called GhostTeam and it managed to get into the Google Play store despite efforts at safeguards.

Among the affected apps are flashlight apps, QR code readers, Facebook video downloaders, file cleaners, and performance boosters.

ghostteamapps.jpg

One app used to carry this malware was the Facebook video downloader shown below:

facebook-fake-video-downloaders.jpg

One sure-fire symptom that you’ve been hit is an unending stream of pop-up ads. GhostTeam will keep your device awake to continually show ads, including fullscreen ads on your home screen.

It’s always a great idea to look at the number of installations and the reviews for any app before installing it. That information is available for every app in the Google Play Store.

google-app-ratings

Your Android security app should be able to find these apps. If you think you’ve been affected, you’ll also want to make sure to reset the passwords on your Facebook and other accounts.