Security researchers say that at least 400 apps in the Google Play store contain malware that would compromise a user's phone when installed.
According to TrendMicro, a particularly prevelant strain of malware found in the wild is called 'DressCode', which was first detected in April this year. It's also particularly dangerous to corporate networks, due to the way it spreads via internal networks.
The company says that at least 3,000 trojanized apps use this specific variant (detected as 'ANDROIDOS_SOCKSBOT), with more than 400 of those found present on the Google Play Store.
One of the more successful malware-ridden apps on Google Play is a GTA 5 Mod for Minecraft: Pocket Edition, which the Play Store shows as having been downloaded between 100,000 and 500,000 times.
The rest of those 3,000 variants of this strain of malware were found on third-party app stores, which require users to enable the installation of third-party apps before they can be used.
Once successfully installed on a victim's phone, DressCode allows the attacker a whole range of options, including gaining access to devices connected to the same network, controlling the phone and bypassing network security on a corporate Wi-Fi network.
It's generally safer to stick to installtion from the Google Play Store due to the vetting process, but clearly not in all cases.
Google has made efforts (and progress) in halting the march of Android malware in the last few years, but there's still some way to go.
Watch: Android N hands-on
Have you fallen victim to Android malware? Let us know in the comments below