Google has removed 17,000 apps from the Play store that have been conduits for the Joker malware. Joker is a billing fraud family of malware that emerged in 2017 but started appearing in earnest in 2019. It advertises itself as a legitimate app, but once installed, carries out either SMS fraud (sending text messages to premium-rate numbers) or WAP billing fraud. At peak times of activity, up to 23 different apps have been submitted to Play in one day. Google said that it detects and removes most of them before downloads occur.
Source: https://threatpost.com/joker-androids-malware-ramps-volume/151785/