A study of Android applications has found that a fifth of the programs on the Android Market are able to get unfettered access to private data stored on Android-based smartphones.
The report also discovered that some apps could potentially make voice calls and send SMSs without first seeking the permission of the user, with five per cent of the 48,000 apps available for Android possessing this slightly worrying trait.
There are fears that malicious developers could use this to automatically rack up high phone bills by having apps secretly call or text premium rate numbers operated by the firms, according to SMobile Systems.
SMobile has not directly identified any actively malicious apps, but it does say that there are the necessary tools out there for exploitation under inappropriate guidance.
"Just because [the app is] coming from a known location like the Android market or the Apple App store (with the iPhone) doesn't mean you can assume that the app isn't malicious or that there is a proper vetting process," said SMobile's Dan Hoffman.
Mr Hoffman also said that several apps were known to posses spyware tendencies and that such malicious apps were a growing issue in the mobile security industry.
Responding to the report, a Google spokesperson played down the company's claims and alleged that its report "falsely suggests that Android users don't have control over which apps access their data".
He added: "Not only must each Android app get users' permission to access sensitive information, but developers must also go through billing background checks to confirm their real identities and we will disable any apps that are found to be malicious."