Three messaging apps in the Google Play Store contained a spyware called SonicSpy, according to mobile security firm Lookout.
The developer also created more than 1,000 malware samples that made it to third party Android app stores.
The SonicSpy spyware gives attackers significant control over the affected device. The spyware gives the ability to silently record audio, take photos, make outbound calls, send text messages and retrieve call logs, contacts and information about Wi-Fi access points, according to Lookout.
The infected apps that made it to the Google Play store include Soniac Messenger, Hulk Messenger and Troy Chat. Soniac Messenger has been downloaded between 1,000 and 5,000 times, according to threatpost.com. All three apps are no longer available on the Google Play Store, but it is unclear whether Google or the developer removed them, according to Forbes.
The additional 1,000 apps from third-party app stores were customized versions of popular apps like Pokemon Go, Netflix and Clash Royale, according to threatpost.com.
To avoid SonicSpy, Android owners should not download apps from unknown sources and read users reviews. Apps that are suspicious will often have lower ratings in the Google Play Store, according to KCRA.