Android Apps were identified as stealing Facebook logins from ist users. According to Lifehacker's latest report, 25 malicious Android apps were removed by Google for its Google Play Store after a Facebook-hacking malware, contained in each application, was discovered by the French cybersecurity firm Evina.
If you know that your device is affected by the malicious apps, you should enable two-factor authentication immediately by resetting your Facebook password and updating your security settings. To make sure there's nothing suspicious happening under the hood, you need to reminded to always check those app's permission; however, the mentioned malicious apps are using face Facebook login pages rather than doing anything untoward behind the scenes which is quite difficult to identify.
This means that checking your app permissions before downloading or installing any application is crucial to data security. However, you still need to be more careful even if the permissions seem fine. The safest way is to only log in through a social media platform's official app since there are plenty of phishing campaigns and malware apps that are trying to steal your social media account using fake login pages.