Proving that flashlight apps are still as sketchy as ever, Google LLC has removed 22 malicious flashlight apps from Google Play after cybersecurity company Check Point Software Technologies Ltd. discovered that the apps were loaded with adware.

Apps containing the adware, which Check Point calls “LightsOut,” had been downloaded by between 1.5 million to 7.5 million Android users before they were finally removed from Google’s store.

According to Check Point, LightsOut forces users to interact with ads before allowing them to answer calls or perform other activities on their device. The ads could be triggered by a number of different events, including ending a call, plugging in a charger, locking the device and  others. Check Point said that LightsOut could override user settings to disable the ads, and some users still saw the ads even after they paid for a supposedly ad-free version of the infected app.

“Despite the vast investment Google has recently made in the security of their App Store, ‘LightsOut’ reminds us once again that users need to be wary of downloading from App Stores and are advised to have a ‘Plan B’ in the form of an advanced mobile threat defense solution that goes beyond anti-virus,” Check Point said in a blog post. “Many users are still unaware of the dangers lurking for them, and continue to install apps such as fishy flashlights.”

Check Point’s discovery raises several questions about the effectiveness of Google’s security for its app store, and this is not even the first time that Check Point has informed Google about malicious apps on its platform. Check Point alerted Google in May about a malware named “Judy,” which infected up to 36.5 million devices. Less than two months later it alerted Google about another malware called “CopyCat,” which infected at least 14 million devices.

In interview with Fortune, Check Point security researcher Daniel Padon praised Google’s success in blocking more serious threats such as ransomware, but he noted that Google has trouble spotting subtler malware that users might not notice for some time. According to Padon, malware downloads on Google Play more than doubled between 2016 and 2017, and he encourages consumers to download security software for their devices.

Padon added that users should probably also stop downloading flashlight apps in the first place.

Photo: Blogtrepreneur via Flicker (license)