The BBC reports that about 50 virus-infected apps have been removed from the Android Marketplace.
Apparently, the authors of the malware took legitimate apps, injected them with malware, and then republished them under under a different name from the legitimate author. From the story:
The virus-laden apps were discovered by a Reddit user called Lompolo who realised that one program was listed under the name of a publisher he knew had not written it.
He found that the app, which let people play guitar on their handset, was the same as the original but for a name change and some virus code buried within it.
Lompolo said the rogue apps had been downloaded between 50,000 and 200,000 times since they were placed on the Marketplace.
Unfortunately, the article did not have a list of the infected apps, which have already been removed from the Android Marketplace. If I find a list, I’ll link it up.
The Android Marketplace is much more open than the Apple App Store.
Consequently, users must be careful to read the security warnings when they install an app. Say, for example, you are installing a solitaire game and the warning says that it wants access to the the GPS and phone. Frankly, I’d consider that a good reason to look for a different solitaire game.
Google has thrown the kill switch to remove the malicious apps from phones.