Booby-trapped Apps from the official Android Marketplace may have been downloaded up to 200,000 times, with Google having to withdraw more than 50 virus-infected apps.
The dodgy applications were copies of existing applications which had been re-packaged with a code to currupt them using malware DroidDream.
DroidDream is said to fire sensitive data, such as a phone’s unique ID number to a remote server, giving access to personal information including passwords.
The problem was noticed by a Reddit user, who discovered that an application which teaches people to play the guitar on their mobile was copied from the original with a new name as the publisher.
The user, named Lompolo, discovered 21 infected Apps, but following an investigation by mobile security site Android Police, it is thought the final tally will be more than 50, said the BBC.
The apps are also said to be available on unofficial Android sites.
Google has not issued a statement about the infected applications as yets, but according to the UK Daily Mail, the latest Android OS, Gingerbread, is not vulnerable to the infected Apps.