Webroot researchers have recently unearthed two apps that install additional fonts on an Android device, but also offer a way in for spyware.
The apps in question, Free Galaxy Classic Fonts and Galaxy Fonts, have since been removed from Google Play, but are still offered on their developer's official website.
Once the user downloads and runs one of the apps, and requests it to download and implement a new font, the app downloads the ikno.apk file - a spying app that forwards SMS, call logs, and location information to a web portal where the person doing the spying can review the information.
The official developer's site apparently offers users to download iKno from the Android Market, but the users actually downloads it from the site.
My theory is that this option is for those who willingly install the app on a target device (probably when its owner is not present), and the font apps on Google Play were used to make the target unwittingly install the spyware after the attacker recommended the apps to them.
As the apps have been removed and the Google Play account offering them has been shut down, it's impossible to tell whether the permissions requested by the apps indicate their secret nature - but the odds are they have.
Unfortunately, many users don't even review them, so investing in a good mobile security solution is a good idea.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.