No matter how much Google does to convince consumers it is good and open, continued reports of malware will hurt its reputation. Google already had to remove apps containing malware once and a report in May said malware on the store grew 400 percent. Now, Google removes more malware.
Unlike other code embedded in apps that have appeared in the market, Plankton doesn’t rely on a vulnerability to “root,” or gain complete control of the smartphone, said Brandt. Once the victim has installed the bogus app, however, Plankton can call in other files from the hacker-controlled server, including ones that would exploit one or more unpatched Android bugs.