The search giant removed about 300 apps from the store after learning that these apps were being hijacked and used for distributed denial of service attacks.
ESET says it warned its followers on social media about the malware in early August.
It said that Google only started removing the apps after becoming aware of the attacks.
“The researchers’ findings, combined with our own analysis, have enabled us to better protect Android users, everywhere."
ESET said one of its detection engineers, Lukas Stefanko, was the first to notice the malware 20 days before the apps were removed from the store.
"We detected this infiltration as Android/HiddenApp and Android/Clickerand, plus we were one of the first to disclose this threat and how to get rid of it,” Stefanko said.
ESET said he had immediately reported the issue to Google.
“Once I discovered this threat we immediately informed users through our social networks to be aware of these malicious apps and with instructions how to uninstall them,"Stefanko said.