Researchers at Juniper Networks said in a blog yesterday that at least four Android Market developer accounts "have published pirated applications that were stuffed with malicious code that resemble the capabilities seen most recently in the Myournet/DroidDream family of malicious applications."
Dubbed “DroidDream Lite,” the new apps don't require a manual start of the Droid application -- the malicious code is invoked upon receipt of a phone call. After collecting data about the phone, DroidDream Lite can download and install additional applications and malware, the Juniper researchers say.
"It does not appear as if DroidDream Lite has the ability to install these additional applications in the background, so user intervention is necessary," the researchers say. "It is possible that the device identifying information that is collected will be used to register the device to the third-party server and used to allow infected devices to download the additional applications."
Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.