Mobile security firm Lookout said that “multiple applications available in the official Android Market were found to contain malware that can compromise a significant amount of personal data,” following a similar issue reported in March 2011. According to the company, 26 titles were infected with a “stripped down” version of the DroidDream malware from the earlier instance, across five different developer accounts. It said that “at this point, we believe that between 30,000 and 120,000 users have been affected by Droid Dream Light.”

It appears that the miscreants took existing, genuine Android apps and added DDL, before re-submitting them to the store using a different account. On receipt of a voice call or text message, the infected app transmits user data including the handset IMEI, IMSI, model and SDK version to a remote server.

Affected apps cover a range of categories, from image-based (HOT Girls 4, Beauty Breasts, Sex Sound: Japanese) to utilities (Delete Contacts, Quick Uninstaller, Volume Manager) and games (Bubble Buster Free, Solitaire Free). Google was reported to have removed the apps affected, pending an investigation.