Android apps laden with adware were installed more than 30 million times before being removed from the Google Play Store, according to cyber security software provider Avast.

The company said in a blog published on 23 April that it discovered 50 adware apps on the Google Play Store, with installations of the apps in question ranging from 5,000 to 5 million.

According to Avast, the adware it found can be a nuisance for those who inadvertently installed it on their phones, as it results in persistent displays of full-screen ads. It also occasionally tries to convince users to install additional apps, the cyber security company said.

The Avast research uncovered two versions of the adware, which the company said tapped into third party Android libraries in a bid to bypass background service restrictions in newer versions of the mobile operating system. This let the adware display more and more ads to users — something that is against Google Play Store rules.

Of the two versions of the adware that was discovered, ‘version A’ was installed 3.6 million times, largely contained in game, fitness and photo editing apps, according to Avast. The ‘version B’ adware, meanwhile, was installed nearly 28 million times, and was included in fitness and music apps.

An example of one of the apps containing the adware (Source: Avast)

Avast claims the that the samples it found have since been removed from the Google Play Store, but not before tha adware was installed at least 30 million times by unwitting smartphone users around the world.

As noted by ZDNet, the disclosure of the adware discovery by Avast comes just days after fellow cyber security provider Checkpoint revealed its researchers had uncovered a series of apps found on the Google Play Store that were conducting fraudulent activities against ad agencies.

“In total, the malware was downloaded over 90 million times across 6 applications. Google was notified and removed the infected applications from Google Play,” Checkpoint said in a blog posted on 19 April.

According to Checkpoint, the so-called ‘PreAMo’ malware found in from leads fed to the researchers imitates the user by clicking on banners retrieved from three ad agencies: Presage, Admob and Mopub.