Millions of Android users may have unwittingly installed a Trojan known as Android.Counterclank, making it the most widely distributed piece of malware on Google's smartphone operating system.
A group of three publishers have distributed Android.Counterclank within apps on the Android Market. It is a version of the older Android.Tonclank and has been found in 13 apps which have a combined millions of times.
"The combined download figures of all the malicious apps indicate that Android.Counterclank has the highest distribution of any malware identified so far this year." said Symantec in a blog post.
Symantec explained that the malicious code has been put into the apps inside a packet named "Apperhand" and that a compromised device can have data stolen or be made to carry out certain tasks without permission.
At the time of writing only five of the apps are still on the Android Market place, including Sexy Girls Photo Game and Deal & Be Millionaire. The latter has had between one million and five million installs in the past 30 days.
The Millionaire app page also reveals some strange permissions on installation, including access to the phones features which can determine the phone number and serial number of the phone.
One user reported seeing suspicious activity on their phone after installing the app, giving an insight into how it affects a device.
"It requests the ability to add/remove icons to your home screen! Upon running the game for the first time it adds a suspicious 'Search' icon to your home screen," they said.
Symantec confirmed the search icon as a sign of infection.
"We disagree with the assessment that this is malware, although we do believe that the Apperhand SDK [software development kit] is an aggressive form of ad network and should be taken seriously," it said.
Symantec said it is still investigating the issue and will post further information as it becomes available.