Most prevalent of the malicious payloads in the downloaded apps — the majority of which were tools — was the Joker information-stealing malware, followed by adware, Facebook account credential stealers dubbed “Facestealer,” the Coper infostealer, and the Loanly installer, a report from Zscaler ThreatLabz showed.

Source: SC Magazine