Sixteen Android apps downloaded by a combined total of over 20 million users have been removed from the Google Play store after it was discovered they contained malware which uses up data and drains batteries.
The malware has been discovered by cybersecurity researchers at McAfee who reported them to Google. The apps are no longer available on Google Play – but users who've already downloaded the apps will still be infected unless they uninstall them.
The apps are designed to look like utilities including flashlights, QR code readers, camera enhancers, unit converters, task managers and more.
The apps contained clicker malware - malware which secretly runs in the background and clicks on illicit advertising links to generate ad revenue.
While clicker malware might not be as dangerous to users as malware which steals passwords or bank details, it still causes disruption by draining the battery or using up mobile data. The latter could cost victims money if it takes them over their data allowance and they're charged for it.
Some of the applications have been individually downloaded by millions of Android users.
For example, one app installed by over 5 million users claimed to enable them to find apps which eat a lot of data, although of course the malware inside the app was exactly the sort of thing that would uses up data.
To avoid being detected, the malware delays initially starting the malicious activity for at least an hour and after that it detects whether the user is actively using their device or not, so the malicious activity doesn't take place when the device is being looked at.
It's recommended that users who've installed apps listed as containing clicker malware uninstall them as quickly as possible.
"Once you remove this and other malicious applications, you can expect an extended battery time and you will notice reduced mobile data usage while ensuring that your sensitive and personal data is protected from this and other types of threats," said McAfee's SangRyol Ryu.
A Google spokesperson confirmed that the malicious applications are no longer available on Google Play.