Google removed the malicious applications, which silently mined digital currency on Android users’ phones.
Cryptomining continues to plague mobile devices after two more Monero mining apps were discovered in the Google Play store.
The malicious apps, named Mr MineRusher and SP Browser, were discovered by Avast Threat Labs this week.
Mining began as soon as connection was made, and was able to carry on without detection.
It operated in the background when the mobile phone screen was switched off and it was connected to WiFi.
Because cryptomining requires a large-scale computing power, however, the attackers weren’t able to gain a huge financial reward from these apps.
But though Avast did claim there was little to no security risk for victims, it did point out the complications for users.
Nikolaos Chrysaidos, head of mobile threat intelligence at Avast, told The Daily Swig: “In this case, there is little to no security or privacy risk to users.
“Nevertheless, a malfunctioning or inoperative mobile device is frustrating and inconvenient for the user who relies on it every day to watch videos, shop, bank, and communicate.”
He added that the “unsophisticated” software demonstrated the recent cybercrime trend of targeting mobile devices rather than a PC.
Chrysaidos explained: “What we do know is that there is a shift of focus from PC to mobile. Cybercriminals are broadening the scope of their work to develop and spread mining applications in Google Play and other devices connected to the internet.
“This attack could be part of this ongoing experiment or simply for financial reward. Although the profit made will be miniscule.”
The illegal apps were removed by Google when Avast reported its findings.
Last month, 19 apps were deleted by Google after Sophos reported they were mining Monero.