Two dozen mobile apps were removed from the Android Market after Google discovered that they were infected with malicious code that compromised user data.

The infected apps secretly gather the IMEI (international mobile equipment identity), IMSI (international mobile subscriber identifier), and other personal details in the handse. According to a report from the A Register as many as 120,000 users have already downloaded the Trojans before they were detected.

Not only will the apps gather user information, other apps were also a mobile botnet. The apps had an additional code that will trigger upon receiving a text message. The code will then connect to a server and transfer details about the infected phone to the authors of the malware.

The problem was discovered when a developer found modified versions of his app being distributed in the Android Market. Lookout, a mobile security firm, confirmed that the apps were infected with the malware and connected the code with the malicious code "Droid Dream". This isn't the first instance that DroidDream has infected the Android Market. Last March Lookout also discovered 50 malicious apps in the market.

Lookout has identified 26 infected apps. Some of the infected programs include titles such as: Sexy Girls, Hot Girls, Floating Image Free, System Monitor, Super StopWatch and Timer, System Info Manager, Call End Vibrate, Paint Master, Super Color Flashlight, Volume Manager, Super Photo Enhance

The Android Market seems to have been targeted because of the lax rules Google imposes on the users and developers participating in the market. Google relies on users and security researchers to identify malicious apps. The company doesn't check the apps being sold for malicious threats.

The best way Android users can protect themselves from future attacks is to download apps only from trusted sources, check the permissions that an app requests and to use a mobile security app.