Cybersecurity firm Zimperium has discovered new malware, dubbed FlyTrap, that has infected thousands of Android users via social media.
FlyTrap malware has hacked many Facebook accounts via fake Android apps
According to Zimperium’s report, FlyTrap has been distributed on the Google Play Store in the form of various apps promising Netflix coupons, European football votes, and more. If your Android device is infected and you log in to Facebook, FlyTrap collects your Facebook ID, location data, email address, and IP address. Hijacked Facebook sessions can also be used to spread FlyTrap to other users by automatically sending links to download the malware.
Zimperium reports that it has verified more than 10,000 FlyTrap victims in 144 countries (including the US and Canada).
"As with any user manipulation, high-quality graphics and official-looking login screens are common tactics to trick users into taking actions that could reveal sensitive information," Zimperium said in its report. "In this case, the FlyTrap Trojan hijacks the session information with malicious intent while the user is logging in to their official account."