Android malware that automatically downloads paid apps and content from China Mobile’s Mobile Market has been identified by mobile security company TrustGo. 

The malware – which TrustGo Security Labs has dubbed Trojan!MMarketPay.A@Android – downloads apps without the user’s knowledge, with the cost being added to phone bills. More than 100,000 devices are estimated to have been infected, with the program also found in nine app stores in addition to Mobile Market, according to TrustGo.

Users normally receive an SMS message containing a verification code in order to download paid content, but the malware intercepts the message and activates the download without the user being aware it has taken place. If a ‘captcha’ code is required, it is referred to a remote server where it can be worked around.

The malware has been spread via a number of repackaged apps using popular Chinese brand names such as microblogging service Weibo and parent company Sina Corporation, as well as technology company Travelsky and the GO Weather app.