Spotted by security researchers at CloudSEK, the first of these campaigns worked via a domain impersonating the Google Play Store and displaying a malicious, browser–based application for Chrome.
Support the originator by clicking the read the rest link below.