Android.PWS.Facebook in virus library:

An Android OS family of trojan apps designed to steal data that can be used to hack into Facebook accounts. Such apps include:

• Fake applications disguised as genuine Facebook social network software or that display fake authorization forms inside them.
• Apps that inject special JavaScript scripts into the original Facebook login web page to steal user name and password. This page is loaded into WebView inside such apps.
• Apps that steal cookies and session data from the original Facebook web page. This page is loaded into WebView inside of the trojan software.

Below is an example of how one of these trojans prompts the user to log into Facebook to extend the app’s functionality. It loads the original login page with malicious JavaScript scripts into WebView. When authorization is complete, the victim’s cookies are hijacked along with their login and password.