Up to 1.5 million Android users may have suffered a serious data breach after downloading malicious apps, according to Symantec.
The security giant identified three apps, all posing as pornographic wallpapers, that were available through Google Play for more than 30 days, despite pornography being banned from the store.
Once downloaded, the app steals the user's Googlemail address, GPS co-ordinates, handset IMEI number and network operator information.
This data is then transmitted by the app back to a remote command-and-control server.
Analysis run by Symantec showed all three apps were from the same developer and are all identified by the company as Android.Coolpaperleak.
The organisation also discovered the apps were not a modified version of a safe app, but were malicious from the beginning.
"The erotic and porn industries are the most browsed on the internet," said Lionel Payet, a Symantec threat intelligence officer.
"If you just combine the most downloaded type of apps (wallpapers) with the erotic and porn industries, you will have in your hands the perfect chemistry for a top download application in no time."
This new threat comes on the back of research by fellow security player Kaspersky Lab, which showed 99 per cent of mobile malware was targeted towards the Android operating system.
Two of the most prevalent malwares detected, Opfake and Fakeinst, were so-called premium SMS diallers, which send SMS messages from a user's phone to a premium rate service without their knowledge.
Similar SMS scam apps pretending to be official London 2012 gaming apps were also found to be targeting Android users in the summer.
Kaspersky claimed the reason Android devices were popular targets was not because of how widely used the operating system is.
"The core security issue...can be traced back to the lax security of the Google Play marketplace, especially in comparison to the Apple iOS App Store," the company said.
"Surely more of the same is in store for 2013," it added.
-
Why keeping track of AI assistants can be a tricky businessColumn Making the most of AI assistants means understanding what they can do – and what the workforce wants from them
-
Nvidia braces for a $5.5 billion hit as tariffs reach the semiconductor industryNews The chipmaker says its H20 chips need a special license as its share price plummets
-
Power stations under attack from long-running hacking campaignNews Dragonfly threat group is ramping up activities, say researchers
-
Symantec profits surge as firms prop up their cyber defencesNews The company also announced plans to sell its web certificate business
-
Symantec to pay $4.65 billion to acquire Blue CoatNews Greg Clark to become Symantec CEO, promising new cloud security
-
Symantec ditches reseller guilty of scamming PC users
News Silurian told people they had malware, then sold them Norton Antivirus for $249
-
NATO builds up cyber alliance with Symantec tie-inNews Military industrial link up to fight cyber attacks
-
Junk emails fall to their lowest rate in 12 yearsNews Spam is dropping, says Symantec, but other malware threats are on the rise
-
Kaspersky: "We have never been asked to whitelist malware"News A company blog has revealed neither government nor any other entity has asked it to stop detecting malware
-
Symantec confirms split into separate security & storage entitiesNews Storage and security will be separated as Symantec tries to boost sales in both
