Can GhostTeam really steal Facebook credentials from you? ByNovak Bozovic-January 18, 2018.440 GhostTeam ware steals information from Facebook and uses this to drive ads. The malware has been available in Play Store since April 2017. Since then, 53 applications tainted with the Vietnamese adware have been deleted from the Play Store. With the support of Trend Micro and Avast’s mobile security teams, the tech giants Google have discovered a new breed of malware that can be used to steal Facebook credentials on the Android platform. In effect, infected devices will push advertisements to unsuspecting users. Although the malware has been detected and recently reported to the Google team, experts say the malware has been operating in the Play Store since last April. Well, the bad news is that the GhostTeam adware did what it was intended to do to infect computers with Facebook credentials and send ads to unsuspecting users. The good news is that all of the 53 compromised devices have been deleted from the official Play Store since its discovery. Here are a few interesting facts about the adware: The GhostTeam adware seems to have originated from Vietnam according to Avast and Trend Micro. Most of the Play Store’s compromised devices have Vietnamese as their default language. They have English versions of the infected devices. Host servers are on Vietnam Ips, and communication is managed via orders. In Brazil Indonesia and India, over 60 per cent of infections occur. Users in Australia and the Philippines in Vietnam have also been affected in large part. Most of the contaminated devices are compass apps for cleaning device device optimization apps Qr code scanners flashlight apps and other unsophisticated software. Trend Micro has compiled a list of all the applications infected. If you notice any of the applications on your computer immediately change your Facebook credentials and enable two-factor authentication. Avast and Trend Micro mobile security experts say scoundrels used the malware to make money through the ads they sent to compromised smartphones. That was made possible by unsuspected users who became part of an unscrupulous social promotion program by surreptitious sharing and liking content with their compromised accounts.