TeaBot malware has been spotted on the Google Play Store posing as a QR code app, already spreading to more than 10,000 devices.
Its distributors used this trick in January, and while Google ousted those entries the malware has found its way back onto the Android repository.
Cleafy, an online fraud management and prevention company, reports that the applications act as droppers, submitted without malicious code and with minimal permissions, making it difficult for Google to identify any potential threat.