Malware called "DroidDream" has infected more than 50 apps in the Android Market as discovered by a Reddit user named Lompolo, and Android Police.
The apps have since been removed by Google from the Market but the malicious code likely remains on the devices the apps have been installed on, which is estimated to be around 200,000.
Trend Micro Senior Security Advisor Rik Ferguson recommends affected users either replace their handset or reinstall the OS.
Full list of infected apps here
Google is using Android's "kill switch" feature to remotely remove the malicious apps from affected devices and in the process is also writing new code to the devices that nullifies the exploit. More at BGR