FROM ANDROID CENTERAL
Not a single instance of this malware was reported from coming from an app in the Android Market.<sic> That's not to say malicious apps haven't made it into the Market before -- it's happened, (more...)
In addition to the post above, this theoretical trojan could not record the phone call unless a user granted the app permission
. Folks should pay attention to permissions requested and if an app is asking for rights it doesn't need do not install.
It's not just malware that tries to access users data. Apps like tweeter, Facebook, Goodreads, Qik, etc... require access to sensitive data--contacts and such. A user should never blindly install an app. Look at what an app is trying to access and decide if they trust the company enough with your data before installing.
Last point its the user that's the best defense against malware.