Marble Security recently found malware pre-loaded on new Android devices—phones and tablets—from different manufacturers. It was a fake Netflix app that was sending passwords and credit card information to Russia.
The devices that contained the malware Netflix app included: the Samsung Galaxy Note tablet (GT-N8013), Samsung Galaxy S III phone (SGH-1727), the Samsung Galaxy Note 2 phone (SCH-1605), the Samsung galaxy S4 phone (SGH-1337), the Samsung Galaxy S III phone (SGH-1747), and the Samsung Galaxy S4 phone (SCH-1545). It was also found on three Motorola Mobility devices (e.g., the Droid Razr, Droid Bionic, and Droid 4); two Asus tablets (e.g., Eee Pad Transformer TF101 and the Memo Pad Smart MT301); and on LG Electronics’ Nexus 5 phone.
Supposedly this app was not loaded by the companies or any US partner but it’s still there and obviously a problem.
If you have an Android device you should be very careful what you download and install from the Google Play store. They review apps for security but sometimes things sneak in. Their reviews are not as rigorous as Apple’s App Store which is affected less by malicious code.