From TechCrunch:

Security firm Lookout has detailed a clever new bit of Android Malware lurking in the Google Play store. The good news: unless you’re downloading questionable Russian clone apps, you’re probably not affected. The bad news: that hasn’t kept it from being downloaded a few million times.

From ZDNet:

Without asking permission, Google sends developers the personal details of everyone who buys their app from Google Play.

So let’s review:

1. Create an app for Android that includes malware in it. Use said malware to do crappy things.
2. Use the information Google provides to you to build a list of email addresses of people who are not aware enough to not download suspicious looking apps in order to spam them. Use said spam to fleece them.

Solid (albeit evil) business plan: Unlocked!