Just last week Google removed around two dozen applications from the market because of more Malware and virus problems. Apparently there were leftovers from the “DroidDreamLight” malware and Google had to flip the switch and remove them for our protection. It looks like more details are emerging about another version that works just the same way and they are calling this “DroidKungFu”.
This news comes from a North Carolina State University Blog, they discuss that the new DroidKungFu works exactly like DroidDream but have developed an advanced way to get past mobile security applications such as Lookout. According to them The malware installs a “backdoor that gives hackers full control of your phone”. This way all the user data is exposed and, even more, “they can turn your phone into a bot – and basically make your smartphone do anything they want”.
From what we are reading these are mostly showing up on 3rd party app stores and chinese sites, as well as shady looking applications so just use caution and only download from a reliable source and read the comments and you should be fine. They do mention this only affects Android 2.2 and earlier versions and that Google has fixed this vulnerability in Android 2.3[via North Carolina State University Blog]