Known as the Android Geinimi, this threat is found in infected legitimate applications, and widespread in third party Android app markets. Prior to install, the malware requests more permissions than the legitimate application to access greater Android functionality. Once installed, the malware proceeds to capture personal data and send it to remote servers controlled by cyber criminals. Like many Android attacks, it also comes complete with bot capabilities so it can receive command and control commands.
(Image provided by Webroot)