A trojanized version of the tool has also emerged (we detect it as Trojan:Android/Bgserv.A). Interesting preliminary analysis of the trojan is available in Symantec's blog.
You can see the difference by checking the application info of the authentic versus trojanized versions:
Android Market Security Tool:
Here's a screenshot of the content/package itself:
Once installed, Trojan:Android/Bgserv.A obtains the user's phone information such as IMEI and the phone number. The information is uploaded to http://www.youlubg.com:81/Coop/request3.php.
Again, this malware appears to be specific to a mainland Chinese network, as it contacts the number 10086 (related to China Mobile Net) and uses the new APN with the name "cmnet" inserted in the APN list.
This malware may lead to high data usage on the infected device, leaving the user with a high phone bill.
Interesting note: the malicious code doesn't seem to be restricted only to the Android Market Security Tool; the same behavior also appears in other Android applications, according to AegisLab's blog.