Eugene said:
Dave,
Thank you very much for the response.
I've realized that I made my question too broad in
scope. Let me narrow it down to my particular situation.
I get my Android apps from the Market only. I download
only ones that have tons of users and good reviews.
I believe it's unlikely that I would install a malicious
by design application.
So, the classic trojan vector is practically a non-starter, but there
are other non-viral vectors besides the classic trojan.
So, my question is: How likely to meet an Android
application that acquired its malicious payload (got
infected) without its authors knowledge? Not a Trojan
but virus infection?
Good question, I think viruses are much less likely than
some other forms of malware. However, antivirus programs
can be helpful in detecting non-viral malware that may
gain entry through a vulnerability in said application.
A very good percentage of attacks are against application
software that has tons of users and good reviews.
)