Google has kicked 24 apps off of its official Android app marketplace after spyware was discovered in them.

A new spyware has been making the rounds in Android apps on Google Play, infecting victims post-download to steal their SMS messages, contact lists and device information. In addition to stealing victims’ information, the malware also stealthily signs them up for premium service subscriptions that could quietly drain their wallets.

The malware, dubbed “the Joker” after one of its command-and-control (C2) domain names, has been seen over the past few weeks in 24 malicious apps – with a total of 472,000 installs – on the official Android app marketplace, warn researchers. A Google spokesperson told Threatpost that the apps have since been removed from Google Play.