Certain Android phones (including some from ZTE) have malware pre-installed at the firmware level
Cosiloon displays unwanted ads over an Android user's browser
That's not to say that the U.S. is totally free of "Cosiloon." Avast says that in the past month it has found it installed on 18,000 devices used by Avast users in countries like Russia, Italy, Germany, the U.K., and yes, the U.S. In fact, the malware has been spotted in over 100 countries.
Avast has spoken with Google about "Cosiloon" and the company has been able to reduce the capabilities of the malware on several models. To make sure that there is some kind of protection in the future, Google Play Protect has been updated. And Google has spoken with developers to inform them of the problem, and to motivate them to come up with ways to combat this malware.