By Bill Brenner, 
Well we always knew that Android was a security nightmare but SophosLabs has found three cases of SonicSpy-infused apps in Google Play:
Researchers from SophosLabs and elsewhere have found three cases of SonicSpy-infused apps in Google Play: Soniac, Hulk Messenger, and Troy Chat – messaging apps that hide their spying functionality and await orders from command-and-control servers.
Google booted the apps from its store after they were discovered. Researcher Chen Yu said the Google Play versions had “tiny installation numbers and existed for a very short time”. Though three were found on Google Play, SophosLabs has counted 3,240 SonicSpy apps in the wild. Some reports place the number at 4,000.
According to multiple reports, a single bad actor – probably based in Iraq – has released these apps into the wild since February.
To read more of this article: click here