Seems like we've been hearing about the security vulnerabilities of Android apps for a while and here's a test case. Steamy Window is a silly little app where you get a screen that looks like it has steam on it, then you can draw on it like you would a fogged up car window. The app was apparently downloaded, hacked into, a Trojan Horse installed, and then the app was rereleased onto third party Android app sites that Google doesn't control. If you install the infected version (which of course looks exactly like the non-infected version) the app sends out hundreds of text messages from your account, installs other infected apps, and takes over your browser. The hack was reported by the security firm Symantec.

The Trojan can "install other applications, monkey with the phone's browser bookmarks, surreptitiously navigate to Web sites and silently send text messages, said Thakur. The last is how the criminals make money. 'The Trojan lets them send SMS [short message service] messages to premium rate numbers,' said Thakur, for which the hackers are paid commissions."

As a nonprofit news organization, Marketplace is on a mission that drives what we do every day: to increase economic intelligence across the country. But we can’t do it alone. Become a Marketplace Investor today, in whatever amount you choose, and your donation will go twice as far, thanks to a dollar-for-dollar match from The Kendeda Fund.

Become a Marketplace Investor today – in whatever amount is right for you – and keep public service journalism strong. We’re grateful for your support.

Follow John Moe at @johnmoe