Affiliate links on Android Authority may earn us a commission.Learn more.
Android malware hidden in QR code apps infects 1 million users
July 19, 2025
A new strain of Android malware is said to have infected at least a million users while hidden inside seemingly harmless apps.
Six QR readers and a smart compass app contained the malicious code, which initially went undetected by Google’s Play Store security checks. The apps were downloaded more than 500,000 times before Google pulled them.
The malware, calledAndr/HiddnAd-AJ, was discovered by researchers atSophosLabswho published an article about their findings last week (viaZDNet). The code lies dormant on devices until six hours after installation when it bombards affected devices with ads and notifications; it’s intended to generate ad revenue clicks for the perpetrators.
SophosLabs
SophosLabs didn’t provide names for the seven apps responsible but you can see four of them in the image above. If you suspect one of your apps contains the malware, you can try reinstalling it—if you’re able to, you’re in the clear, since Google has removed the offending apps from the Play Store. Google’s Play Protect scanning feature may have already notified you of the problem also.
TheGoogle Play Storeis home to more than 3.5 million apps and features arobust security system. This helped Google remove 39 millionpotentially harmful appsfrom the store in 2017, while the company also has an ongoingrewards schemefor those who discover vulnerabilities there. It remains the safest place to download Android apps and games, though it isn’t foolproof, as we’ve seen problematic contentslips through the cracksfrom time-to-time.
For some tips onstaying secure with Android, hit the link, and give us your thoughts on the latest news in the comments.
Thank you for being part of our community. Read ourComment Policybefore posting.
