Malware writers have injected code into repackaged versions of a recent Google Android security fix.
Researchers at Symantec spotted a third-party Chinese marketplace site which is believed to be distributing a version of the Google Android malware fix laced with "suspicious" code.
The application presents itself as a malware fix distributed by Google earlier this week. The 'killswitch' fix addresses a recently detected pack of over 50 malware-infected applications that briefly made their way onto the Android Market.
The fix was automatically distributed to affected users and the official software from Google does not contain any malicious or potentially harmful code.
The repackaged and infected third-party software, however, contains code that could possibly cause Android devices to connect with a command-and-control server.
"Analysis of the application is still ongoing. However, what is shocking is that the threat's code seems to be based on a project hosted on Google Code and licensed under the Apache Licence," Symantec researcher Mario Ballando wrote in a blog posting.
A Google spokesperson told V3.co.uk that users should always obtain Android updates directly from known and trusted sources.
Apple has published research detailing a new self-driving car approach
Apple has reportedly bought VR specialist Vrvana for $30 million
Today's Budget will have a huge impact on technology
Samsung has unveiled plans to launch a new AI research centre.