These fake apps were free, but they ended up costing millions of people using Android.
Researchers from Check Point, a security company, said they discovered 50 apps hiding malware on the Google Play Store. The malware was downloaded between 1 million and 4.2 million times before the affected apps were removed, said Check Point.
These viruses were disguised as free wallpaper, camera and video editing apps, but contained a costly side effect. Malware in the apps would secretly register victims for paid services or send fraudulent text messages that people would have to pay for. Check Point named the malware "ExpensiveWall," after finding the majority of the infected apps were fake wallpapers.
ExpensiveWall is actually a new strain of a previously known malware, which McAfee discovered in January on Google Play. "The entire malware family has now been downloaded between 5.9 million and 21.1 million times," said Check Point's researchers in a blog post.
The security company said it notified Google on Aug. 7 about the phony apps, and it quickly removed them. But within days, even more fake apps popped up, and they were downloaded more than 5,000 times before Google removed the new crop.
The fake apps were able to slip by Google's Play Protect, which is supposed to scan Android devices for malicious software, because scammers "packed" the malware, an advanced hiding technique that ducks under Google's radar, Check Point said.
Google didn't respond to a request for comment.
Even though Google removed the apps from its store, if you downloaded one, your device is still infected, Check Point's researchers warned.
This article originally appeared on CNET.