There are reports that at least 50 Android apps which are officially available from the Android Marketplace contain a virus. According to an analysis, these virus-laden android apps have been downloaded at least 200,000 times since their launch.
These malicious Android apps were in fact copies of some already existing apps which were especially repackaged after including the said virus in them and then made available in the Android Marketplace. After this news came to the knowledge of Android Marketplace, they removed these malicious apps from their app store.
Lompolo, a Reddit user, has been reported as the one who first discovered that these apps contained virus in them. He saw an app in the Android Marketplace, which was listed under the name of a publisher whom he knew was not the original writer of the app. The virus laden app was just a copy of the original app with a changed name but with a virus code packed in it.
According to Android Police, a mobile security website, Lompolo then researched on further such suspected apps in the Android Marketplace and identified 21 apps containing the same viral code. These virus-laden apps were not only listed in the official Android Marketplace but were also available in the unofficial Android app stores.
After getting installed and run, the virus code (named DroidDream) in the app sent sensitive data e.g. the unique ID number of the phone to a server via internet.
The virus code checks if the device has already been infected with the virus, and if not, it breaks through the mobile security controls to give the control of the mobile device to the creator of the virus through remote connection. The creator of the virus can then install any program on the mobile remotely or copy or destroy any information on the Android phone.
Good news for the users of the latest Android OS, Gingerbread, is that they are not prone to the exploits of the DroidDream virus.