Google has pulled more than 50 malware-infected applications from its Android Market, but hasn’t yet triggered automatic uninstalls of those programs from users’ phones, according to ComputerWorld.
The apps were ‘Trojanized with “DreamDroid” malware to provide root level access to the Android smartphones, then connect them to a command-and-control server (C&C) which can issue orders to the devices. Once infected, attackers can do almost anything, including pulling data off the phone. The apps were available for about four days on Google’s official app store. All the apps were infected with the same malicious code, and came from three different publishers.
Between 50,000 and 200,000 copies of the apps were downloaded.