Android users have been urged to check their security settings after a number of popular apps were found to be running up huge bills on victim devices.

Security firm Pradeo uncovered that several apps boasting hundreds of thousands of downloads were in fact so-called “fleeceware”, meaning unsuspecting users were hooked into signing up to premium-rate services that left them with major extra costs.

The apps were infected by a malicious bot known as Joker, which was able to stay undetected by the developers and the unknowing victims.

In total, Pradeo detected six apps infected by Joker, accounting for nearly 200,000 installs, infected by Joker, included security apps, scanners, SMS services, wallpapers and games platforms.

One of the apps, Convenient Scanner 2, has over 100,000 installs alone, meaning thousands of users could potentially be caught out by the scam.

“Joker is a malicious bot (categorized as Fleeceware) which main activity is to simulate clicks and intercept SMS to subscribe to unwanted paid premium services unbeknownst to users,” Pradeo’s Roxanne Suau wrote in a blog post. “By using as little code as possible and thoroughly hiding it, Joker generates a very discreet footprint that can be tricky to detect.”

Pradeo notes that all the infected applications have now been deleted from Google Play, however they will remain installed on the devices of anyone that downloaded them from the app store.

The company is now urging users to delete any of the affected apps from their devices immediately.

The news comes shortly after a separate report claimed many Android phones may be storing ‘undeletable’ files and apps following a number of widespread attacks.

Data from Kaspersky found that many Android devices that had been hit by cybercrime could still be harboring malicious files or items without the user’s knowledge.