Malware in your Android QR-reader apps? You weren't alone

The offending apps were downloaded more than half a million times before being pulled from the Google Play Store, according to SophosLabs.

Michelle Meyers
Michelle Meyers wrote and edited CNET News stories from 2005 to 2020 and is now a contributor to CNET.
Four malicious Android apps
SophosLabs/screenshot by CNET

You just never know where that malware might be lurking. Even that seemingly harmless QR code reader could've been a target of crooks.

That's what SophosLabs security researchers discovered last week, according to a report we learned about on CNET sister site ZDNet. Sophos detected malware that it said had infiltrated the Google Play Store by way of seven different Android apps: six QR readers and one smart compass.

Called "Andr/HiddnAd-AJ," the malware has a name that hints at what it does. It blasts users with ads, but "only after lying low for awhile to lull you into a false sense of security," Sophos' Paul Ducklin wrote on the company's Naked Security blog.

"Following installation, the malware waits for six hours before it begins work on its true purpose -- serving up adware, flooding the user with full screen adverts, opening adverts on webpages and sending various notifications containing ad related links," wrote ZDNet's Danny Palmer.

Sophos said the sneaky malicious apps were downloaded 500,000 times before they were pulled by Google, which didn't immediately respond to a request for confirmation and comment.
