Four hundred apps have been found to be affected with "DressCode" malware on Google Play Store, a report said on Thursday.
"DressCode" malware allows threat actors to infiltrate a user's network environment.
If an infected device connects to an enterprise network, the attacker can either bypass the NAT device to attack the internal server or download sensitive data using the infected device as a springboard, said the report by software security leader Trend Micro.
Trend Micro's "Mobile App Reputation Service" (MARS) has counted 16.6 million malware detections as of August this year -- a 40 per cent leap from detections listed in January.
The apps affected include recreational types like games, skins, and themes to phone optimisation boosters. The malicious code only makes for a small part of the app, making it difficult to detect.
With the rise of "Bring Your Own Device" (BYOD) programmes, more enterprises are exposing themselves to risk via carefree employee mobile usage.
According to Trend Micro data, 82 per cent of businesses implement BYOD or allow employee personal devices for work-related functions.
While this programme can increase employee productivity, it can also make companies vulnerable to malware like DressCode.
Trend Micro notified Google Play of these threats and the company took necessary steps to remove the compromised apps.