Google yanked two malicious apps masquerading as popular video games.
The two affected apps were passing themselves off as versions of "Super Mario Bros." and "GTA 3 Moscow City," according to InformationWeek.
Symantec first noticed the affected apps and contacted Google, but not before they were downloaded more than 50,000 times since they showed up in late June. The malware was a Trojan app know as Dropdialer, which once installed, downloads software which allows it to "send messages to premium-rate SMS numbers in Eastern Europe," or also known as toll fraud.
"What is most interesting about this Trojan is the fact that the threat managed to stay on Google Play for such a long time, clocking up some serious download figures before being discovered," Symantec security researcher Irfan Asrar wrote in a blog post. "Our suspicion is that this was probably due to the remote payload employed by this Trojan."
The app made it through Google's security by hiding its secret payload.