The San Francisco-based mobile security company said that, like the June campaign, last Friday's DroidDream Light malware launched itself without user interaction after it was downloaded. DroidDream Light is a stripped-down version of the March attack code.

Once on an Android smartphone, DroidDream Light can prompt owners to download other apps from the market, bait users with a malicious URL or even automatically download more apps to the device.

But Lookout's report was not the only one making the rounds.

On Monday, Xuxian Jiang, an assistant professor in computer science at North Carolina State University, chimed in with a , which he dubbed "HippoSMS."

Jiang has published several Android alerts in the last six weeks, including one last month after he on the Android Market.