It’s believed to be the second biggest ever malware outbreak to hit Google Play after the Judy malware earlier this year.
Researchers Check Point were the ones to discover the ExpensiveWall malware outbreak to hit Google’s Android OS and the Google Play Store.
The malware sends fraudulent premium SMS messages and charges users’ accounts without them even realising it.
ExpensiveWall was dubbed as the “ultimate spying tool” and could be modified to steal sensitive data, record audio and even capture pictures.
It can also collect information such as the location of a victim using the infected device and their IP address.
Check Point said the malicious software could have infected as many as 21.1million devices after being downloaded up to 4.2million times.
The new malware threat affecting Android and Google Play users was outlined in a Check Point blog post.
The security experts said: “The new strain of malware is dubbed ‘ExpensiveWall,’ after one of the apps it uses to infect devices, ‘Lovely Wallpaper.’
“ExpensiveWall is a new variant of a malware found earlier this year on Google Play.
“What makes ExpensiveWall different than its other family members is that it is ‘packed’ – an advanced obfuscation technique used by malware developers to encrypt malicious code – allowing it to evade Google Play’s built-in anti-malware protections.”
They added: “It’s important to point out that any infected app installed before it was removed from the App store, still remains installed on users’ devices.
“Users who downloaded these apps are therefore still at risk and should manually remove them from their devices.”
Check Point said they notified Google about the ExpensiveWall malware threat on August 7 2017.
The search engine giant then swiftly removed the affected apps from the Google Play store.
Express.co.uk have contacted Google for comment.
The Judy malware campaign produced fake advertising clicks in order to generate revenues for those behind it.
It was feared that 36.5million devices may have been infected by the malware from apps on the Google Play store.
Experts said some 41 malicious apps which were downloaded up to 18.5m times from the Google Play store spread the malware.
The Judy malware threat was once again discovered by Check Point, and was named ‘Judy’ after the cutesy character ‘Judy the chef’ who appears in most of the affected apps.