Mobile operating systems are not immune to malware, and it looks like Android has been targeted by a nasty one. According to Forbes, North Carolina State University professor Xuxian Jiang, has discovered a new malware threat that when installed, can evade virus scans and permission requests. The code is clean when it is installed making it undetectable, but it is capable of downloading new malicious code after being installed for hours or days. It even hides its data transfers in the phone's communications.
Although this specific exploit has not been found in the Android Market to date, be very cautious when downloading new apps. You should be very wary of trying to use pirated apps.
The code it downloads includes an exploit known as “GingerBreak” that gains complete access to the device, allowing the cybercriminals to use any of the phone’s functions at will: calling paid numbers, reading data, listening through the microphone or installing whatever other apps they want on the device silently. One app that Jiang’s team saw the sleeper app secretly install, for instance, was DroidLive, another malware specimen that profits by sending text messages to paid numbers.
Although this specific exploit has not been found in the Android Market to date, be very cautious when downloading new apps. You should be very wary of trying to use pirated apps.