Android users around the world have been hit by a data theft exploit, masquerading as an application for downloading background wallpaper to the device.
Mobile security firm Lookout has said that millions of Android users have downloaded a malicious wallpaper application designed to send sensitive user information, including browsing history, SIM card numbers, text messages and voice mail passwords, to a website owned by a person in Shenzhen, China.
The discovery of the application was announced by the company during the Black Hat Security Conference in Las Vegas.
According to tech blog AppleInsider, the application was available for free at the Google Android Market,and appeared to allow users to download free custom-made wallpapers for their smartphones.
The application sent the collected user information to 'www.imnet.us'.
Lookout says that the application has been downloaded between 1.1 and 4.6 million times.
The presence of the application in the Android Market has highlighted the dangers of a freely accessible application market, causing experts to call for more detailed checks on applications before they are allowed into the store.