Chinese security researchers claim to have discovered a massive Android botnet that includes 1 million infected devices.

"The Android.Troj.mdk Trojan, first spotted by security firm Kingsoft Duba back in early 2011, is thought to be hidden in over 7,000 apps today, including many popular games such as Fishing Joy and Temple Run," writes The Register's Phil Muncaster.

"The Trojan ... gives the attacker remote control over the victim’s handset, collects contact lists, phone numbers, message details, geo-location data, photos or videos and pretty much whatever is stored on the compromised device," Bitdefender reports. "Plus, without the user’s consent, it downloads useless applications that slow down the smartphone, drain the battery or generate aggressive adware."


"A similar Android botnet, Rootstrap, infected more than 100,000 devices and scammed users into sending fake SMS messages last year," writes Threatpost's Christopher Brook. "That malware, much like Android.Troj.mdk, was largely confined to China and at the time was described as the largest mobile botnet documented to date."

"The warning comes as mobile Internet use in the country has soared, growing by more than 18 percent in the past year," BBC News reports. "There are now more than 420 million mobile users, according to the China Internet Network Information Center (CNNIC)."