According to a BBC report, a malware bug capable of sending spam and buying event tickets from infected phones has spread to thousands of Android devices.
Mobile security firm Lookout have called it the most sophisticated bug they have seen for mobile devices, claiming that it is as complex as the malware that targets desktop PCs.
The report claims that the bug has been in existence since 2012 and is in its third iteration after being recently rewritten by the cyberthieves who created it.
Security analyst at Lookout, Jeremy Linden told the BBC that the latest version of NotCompatible features "end-to-end encryption, peer-to-peer networking technologies and stealthy operating procedures," in order to make it much harder to discover and remove from infected Android smartphones.
Phones infected become part of a collective network that is then rented out by the cyberthieves to crime groups who require these Android devices to send out malware and spam.
Linden went on to add that infected phones have been used in a number of different ways, these include sending spam, attacking blogs and buying event tickets for resale profit.
Android users are being warned about downloading applications that require security updates to be installed before they can run as this is a common method of malware infection.
WireLurker and Masque Attack are the two iOS bugs that have been recently discovered and both base themselves around stealing data from compromised iPhones so that cyber criminals can make phishing spam appear more plausible.