Android users- especially the ones who have got their phones rooted have been warned against installing apps which may turn their phones into zombies.
Trend Micro have explained it by stating that a library file in many apps detected as ANDROIDOS_BOTPANDA.A, has enough root permissions to connect to its command and control (C&C) servers and invoke processes remotely.
The malware found is smart and knows how to conceal its identity. When the app is installed, the library file runs the zombie service from your Android phone which connects itself to C&C servers.
Developed using NDK, a tool-kit used by Android developers to create apps, it instates itself using the Java Native Interface and creates a malicious library in your device called libvadgo.
This zombie malware may pave its way on your non-rooted phones through third-party app stores as well.
Source: The Droid Guy