The bug, dubbed NotCompatible, is the first Android bug to spread this way, according to mobile-security specialist Lookout. The Trojan poses as a system update and, while the current version doesn’t appear to do harm, it could be used in malicious ways.

“This threat does not currently appear to cause any direct harm to a target device, but could potentially be used to gain illicit access to private networks by turning an infected Android device into a proxy,” Lookout said in a blog post.

In order for a device to be infected, the user would have to install the downloaded Trojan, Lookout said.

“Based on our initial investigation, we’ve confirmed that a number of websites have been compromised,” Lookout said. “However, affected sites appear to show relatively low traffic and we expect total impact to Android users to be low.”

SecureWorks, which is privately held, says it has about 2,900 customers in 70 countries, and that its customers include 15 percent of the Fortune 500, as well as 1,500 banks and credit unions, though typical of a security company, it doesn’t name any of them. In 2009 it acquired the managed security business of VeriSign. It has about 700 employees and projected revenue of about $120 million.

It’s also known for its top-flight malware research team. Last year it was involved in the research and response around a banking Trojan called Origami, which originated in Russia and was designed to steal sign-in credentials.

Dell says the deal will expand its IT-as-service offerings. It also looks to be, at least in part, a reaction to Hewlett-Packard’s acquisition of security firm ArcSight in October. No financial terms are being disclosed, but Dell had been involved in a reselling partnership with SecureWorks since July of last year. It’s also Dell’s second acquisition in as many months. On Dec. 13 it spent $820 million for the health IT company Compellent.

Lookout said Geinimi displays botnet-like qualities and is the most sophisticated wireless malware it has seen. Thus far, infected programs have only been seen on various Chinese app stores.

“Geinimi is effectively being ‘grafted’ onto repackaged versions of legitimate applications, primarily games, and distributed in third-party Chinese Android app markets,” Lookout said in a blog post on Wednesday. “The affected applications request extensive permissions over and above the set that is requested by their legitimate original versions.”

The security firm said it has already updated both the paid and free versions of its software to protect against Geinimi.

“We’ve been made aware that a small number of Web sites attempt to trick Mac OS X users to install malicious software on their Macs,” said Apple spokeswoman Lynn Fox. “Apple has a great track record for keeping Mac OS X users secure, and as always, we encourage people to install software only from trusted sources.”

And be sure to stay away from porn sites that require you to install software to view them.

So is OSX.RSPlug.A an anomaly or a harbinger of things to come? Security researcher Gadi Evron says it’s the latter. “Apple’s day has finally come, and Apple users are going to get hit hard,” Evron told Wired. “OS X is the new Windows 98. … It’s Mac season. The next two years will be interesting.”