After several days of silence on the issue, Google has confirmed that it
removed several malicious apps from its Android Market earlier this
week and said that it would remove the apps from users' devices as well.

Only devices running an Android version earlier than version 2.2.2 were
susceptible to the rogue apps, which took advantage of known
vulnerabilities, the Internet giant reported late last night in the Google Mobile blog.
The company believes the only information accessed by the apps were the
unique codes used to identify the the specific device and the version
of Android that it was running.