Up to 10 million Android smartphones have been infected by malware that generates fake clicks for adverts, say security researchers.
The software is also surreptitiously installing apps and spying on the browsing habits of victims.
The malware is currently making about $300,000 (£232,000) a month for its creators, suggests research.
The majority of phones that have been compromised by the malicious software are in China.
A spike in the number of phones infected by the malware was noticed separately by security companies Checkpoint and Lookout. The malware family is called Shedun by Lookout but Hummingbad by Checkpoint
In a blogpost, Checkpoint said it had obtained access to the command-and-control servers that oversee infected phones which revealed that Hummingbad was now on about 10 million devices. China, India, the Philippines and Indonesia top the list of nations with most phones infected by the software.
Hummingbad is a type of malware known as a rootkit that inserts itself deep inside a phone's operating system to help it avoid detection and to give its controllers total control over the handset.
The ability to control phones remotely has been used to click on ads to make them seem more popular than they actually are. The access has also been used to install fake versions of popular apps or spread programs the gang has been paid to promote.
"It can remain persistent even if the user performs a factory reset," wrote Kristy Edwards from Lookout in a blogpost. "It uses its root privileges to install additional apps on to the device, further increasing ad revenue for the authors and defeating uninstall attempts."
Ms Edwards said the recent spike in infections could be driven by the gang behind the malware adding more functions or using their access to phones for different purposes.
The malware gets installed on handsets by exploiting loopholes in older versions of the Android operating system known as KitKat and JellyBean. The latest version of Android is known as Marshmallow.
In a statement, Google said: ""We've long been aware of this evolving family of malware and we're constantly improving our systems that detect it. We actively block installations of infected apps to keep users and their information safe."
Google released the latest security update for Android this month and it tackled more than 108 separate vulnerabilities in the operating system. So far this year, security updates for Android have closed more than 270 bugs.
- Accra is second most expensive city in the world – Survey
- Complete abandoned E-block if you are frustrated – Akufo-Addo tells Aflao chief
- Shatta Wale remanded in police custody for one week
- Lil Win unites with Funny Face at Kaneshie District Court
- Kofi Kinaata drops visuals for Thy Grace singles
- Google agrees to integrate Ghana’s GPS into Google map system – Bawumia
- Ambassador to Italy, Eudora Quartey-Koranteng has died
- ‘I made a mistake’ – Akufo-Addo apologises for Cape Coast harbour comment
- Prof Nana Aba Appiah Amfo is 1st female Vice-Chancellor of University of Ghana
- Ursula Owusu-Ekuful could be NPP’s running mate in 2024 – Kwesi Pratt hints
Minority to file a motion seeking answers on the state of E-block projects
Prof Kwadwo Appiagyei-Atua: Intrusion of national security details on campus a violation of academic freedom and democracy
Onion Sellers Association thank Akufo-Addo for relocation to Adjen Kotoku
World Cup Qualifiers: Ethiopia to host Ghana in Johannesburg
Stop conniving with foreign tile makers to shortchange Ghana – Mireku Duker to illegal clay miners
What makes a successful entrepreneur? – SamBoad Group CEO tells young Ghanaians
OccupyGhana’s letter to Special Prosecutor on unconstitutional time extension for public officers’ assets/liabilities declaration
MTN Group receives recognition on Fortune’s Change the World list
Ghanaian teachers are among the best in the world – Yaw Adutwum
Exports, fixed investment to contribute 0.8% to GDP in 2021 – Report
Fire guts house at Kwamo
Africa Makeup Fair, Awards slated for November
Pornhub owner settles with Girls Do Porn victims over videos
Paris Hilton pushes for US youth care abuse reform
Tax cheat schemes cost governments billions