Malicious apps have become a persistent problem for Google, which has had to scrub the market several times since early March, when it pulled more than 50 programs able to compromise phones and remotely issue them commands.
Two weeks ago, Google suspended nearly three dozen malicious apps from the market. Experts tied the newer wave -- labeled "DroidDream Light" -- to the same group responsible for the Mach campaign.
Although Google may be scanning market apps for known malware, that does little good unless an antivirus company has crafted a signature that "fingerprints" the malware, Brandt said.
And with malware able to sneak into the Android Market -- and in some cases remain there for months -- it's unlikely Google has engineers scouring app code.
"It takes a lot of time and experience to evaluate code," said Brandt. "There are ways to do it in an automated fashion, but you really need a bit of human feel [to evaluate] commands and their sequence to tell if something's malicious."
Brandt's advice to Android owners?
"Use some common sense," he said. "These [Plankton] apps were supposed to do things like unlike "Angry Birds." But then why did they all ask for permission to connect to the Internet?"
Google was unavailable for comment late Sunday.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed. His email address is email@example.com.
Read more about mobile apps and services in Computerworld's Mobile Apps and Services Topic Center.