Not being able to separate real Facebook apps from fake ones is a serious hiccup. In a blog post, BitDefender said the bogus Facebook apps are duplicates of legitimate apps like “Lista de Verificación del Amante Ideal” and “Lista de Verificare pentru Iubit(a)” (Spanish and Romanian for “Girlfriend Checklist”).

“The apps are supposed to scan your Facebook contacts and list all the potential girlfriends/boyfriends among your friends. It also enables tagging so “potential candidates” can be made aware of the (fake) app you’ve used.”

These duplicated applications behave like their original counterparts in terms of functionality, but when they detect mobile traffic they perform an HTTP 302 redirect to another link that is not Facebook-related.

When it detects an Android handset, the altered app redirects you to a random Google Play (Android marketplace) game that’s totally unrelated to what you were doing.

None of the analyzed Google Play apps have proven to be infected with malware, but the possibility of being redirected to some potentially malicious application or website should not be taken lightly.
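The behavior described above, a 302 that only mobile clients receive, can be spotted by comparing responses for the same URL across User-Agent classes. The following is an added example, not code from BitDefender or the original article; the record format, URLs, User-Agent strings and the mobile token list are all constructed assumptions.

```python
from urllib.parse import urljoin, urlparse

MOBILE_TOKENS = ("android", "iphone", "ipad", "mobile")  # heuristic, assumed

def is_mobile(user_agent):
    return any(tok in user_agent.lower() for tok in MOBILE_TOKENS)

def is_facebook_host(host):
    # Match on a label boundary so "notfacebook.com" does not pass.
    host = (host or "").lower().rstrip(".")
    return host == "facebook.com" or host.endswith(".facebook.com")

def offsite_redirect(rec):
    """Host a 302 response points to if it leaves Facebook, else None."""
    if rec["status"] != 302 or not rec.get("location"):
        return None
    # Resolve relative Location values against the requested URL first.
    target = urlparse(urljoin(rec["url"], rec["location"])).hostname
    return None if is_facebook_host(target) else target

def find_mobile_only_redirects(records):
    """URLs that 302 mobile clients off Facebook while desktop clients stay."""
    mobile_hosts, desktop_seen, desktop_offsite = {}, set(), set()
    for rec in records:
        host = offsite_redirect(rec)
        if is_mobile(rec["ua"]):
            if host:
                mobile_hosts.setdefault(rec["url"], set()).add(host)
        else:
            desktop_seen.add(rec["url"])
            if host:
                desktop_offsite.add(rec["url"])
    # Require a desktop baseline; without one the difference is unproven.
    return sorted((url, sorted(hosts)) for url, hosts in mobile_hosts.items()
                  if url in desktop_seen and url not in desktop_offsite)

# Constructed proxy-log records for illustration (not data from the article).
DESKTOP = "Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20100101 Firefox/15.0"
ANDROID = "Mozilla/5.0 (Linux; U; Android 4.0.4; en-us) AppleWebKit/534.30 Mobile Safari/534.30"
COPY, ORIG = "https://apps.facebook.com/checklist-copy/", "https://apps.facebook.com/checklist-original/"
SAMPLE_LOG = [
    {"url": COPY, "ua": DESKTOP, "status": 200, "location": None},
    {"url": COPY, "ua": ANDROID, "status": 302,
     "location": "https://play.google.com/store/apps/details?id=com.example.game"},
    {"url": ORIG, "ua": DESKTOP, "status": 200, "location": None},
    {"url": ORIG, "ua": ANDROID, "status": 302, "location": "/checklist-original/m/"},
]

if __name__ == "__main__":
    for url, hosts in find_mobile_only_redirects(SAMPLE_LOG):
        print(f"mobile-only off-Facebook redirect: {url} -> {', '.join(hosts)}")
```

Only the constructed copy is flagged: the other app also answers Android with a 302, but its relative `Location` resolves to a Facebook host.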

Source: Hot For Security