It hasn't been a great week for Android security news. First, the popular Samsung S6 Edge got a harsh security review; then Google patched a number of Android flaws, but you probably won't get the update; and now a new type of Android malware has been discovered.
In fact, it's three families of malware called Shedun, Shuanet and ShiftyBug, and they've been found in more than 20,000 popular apps. Once one of these gets on your phone, they can take total control, and the only way to get rid of them is to re-flash your computer's ROM (very technical) or buy a new gadget (very expensive). So, you definitely don't want to get them.
The reason these apps are so dangerous is that they get root access to your phone. Some people "root" their phones on purpose so they can install apps that the operating system wouldn't normally allow. However, you don't want a virus to do it.
Most apps only have limited access to your phone's operating system; just enough to do their job. However, root access means that an app can change the very foundations of the operating system. In this case, the virus even changes the recovery part of Android, so even a factory reset won't get rid of it.