Millions of Android devices are at risk of being infected with malicious software after Google discovered dozens of apps in its store that contained the program.
Up to 36 million Android users may have been affected by the Judy malware, which was found in more than 50 apps on the Google Play store, according to security researchers at Check Point.
The virus infects devices with software that harvests fraudulent clicks for advertisements without the user knowing. It does this by opening a hidden web browser the user cannot see and clicking on adverts in the background.
It was predominantly embedded in malicious apps created by Korean company Kiniwini, registered on Google as Enistudio. The company makes a range of apps that feature a character called Judy, including Chef Judy, Princess Judy and Fashion Judy. One such game, called Chef Judy: Picnic Lunch Maker, had a 4.2 rating and had been downloaded up to one million times.
Check Point estimates the Judy apps were downloaded between 4.5 million and 18.5 million times in total. Apps from other developers were also found to have contained the malware, meaning up to 36.5 million users could have been affected.
Some of the apps have been available on Google's app store for several years, but it isn't clear how long they have been infected with the Judy malware, the researchers said.
Google has now deleted the apps from its Play store.
The problem is reminiscent of the FalseGuide malware Check Point discovered last month that was downloaded onto nearly 2 million handsets. The software was hidden inside apps and games, and would have let cyber criminals force devices to download additional software.
It was suspected that Russian hackers were using the malware to create a botnet that could be used for a DDoS attack.