Lookout Security warns on Android Market lookalike malware site

The malware, Infosecurity notes, is spread by the apps in the fake Android Market; those apps may also pose a security risk depending on the auto-login process used.

According to Tim Wyatt, a software engineer with Lookout, the trojan malware in the infected apps - which is spread through in-app advertisements - is called GGtracker.

When the user clicks on an ad for, for example, a battery-saving utility or adult content, the Android browser directs the user to a fake Android Market web site.

Wyatt says his research suggests that the trojan signs up users to a number of premium SMS subscription services without the user's consent, which can then lead to unapproved charges on the user's cellular phone account.

The good news - for UK Android users, that is - is that the trojan appears to be geared toward US premium-rate subscription deals, although it remains to be seen whether the short codes are multi-national in nature.

The Lookout software engineer says that the rogue subscriptions are triggered with GGtracker contacting a malicious server in the background of the app.

"Malicious behaviour is primarily driven on the back-end server with the device used to intercept crucial confirmation data in order to charge users without their consent", he says in his security blog.

"For example, in one of the services a user must typically answer 10 questions, enter a device's phone number and type a PIN code received via SMS in order to sign up for the premium service", he adds.

Wyatt goes on to say that users of Lookout's free and premium Android security software are protected from the GGtracker trojan.

In addition, he asserts, with safe browsing - a Lookout Premium feature - users will also be warned against visiting the malicious websites.

As the frequency of these threats increases, he says that users need to look carefully at the pages they land on from an advertisement, to make sure each one matches the site they are ostensibly being sent to.

"Only download apps from trusted sources, such as reputable app stores and download sites. Remember to look at the developer name, reviews, and star ratings. If they claim to have sent you to the Android Market, check to make sure you are actually in the Market before downloading anything", he says.

"Be alert for unusual behaviour on your phone. This behaviour could be a sign that your phone is infected. These behaviours may include unusual SMS messages, strange charges on your phone bill or unusual network activity", he adds.

Finally, Wyatt advises Android users to download a mobile security app for their phone that scans every app they download to ensure it is safe.
