A new form of malware has been found on a number of popular apps throughout the Google Play Store, meaning that millions could be infected.
That's the conclusion of a report from antivirus software specialist Avast. The company discovered the exploit after a user posted a tip to its forums.
The malware in question sits on a number of apps in the Google Play Store across a number of countries. What's even more disturbing is that many of these apps have already been downloaded millions of times.
Most prominent of these infected apps is a card game called Durak, which has (according to Google's own figures) attracted 5-10 million downloads.
When you install an infected app, your phone's behaviour will appear normal for as long as 30 days, which serves to mask the culprit of what comes next.
What comes next is a barrage of ads every time you unlock your phone. These warn you about a security problem, tell you that your phone is out of date, or notify you that it is full of porn. In each case, you're offered a button to help fix this issue.
Read More: Android 5.0 Lollipop tips and tricks
Those who are foolish enough to agree will be redirected to more harmful software on fake app stores, including apps that send premium SMS messages or collect personal data. Surprisingly, some users get redirected to legitimate security apps on the Google Play Store.
According to Google, the apps listed in this report have now been suspended, but the worry is that there are more of them out there. As always on Android, stay away from dodgy-looking apps with poorly worded descriptions.