I get a lot of vendor PR pitches each day that I ignore for a variety of reasons, especially when the FUD factor is high. And so it was when a PR guy emailed me with this alarming headline: "Newly Discovered Android Malware Has Infected Millions of Users."

The pitch linked to a blog post from Symantec researcher Irfan Asrar, which proclaimed:

"Symantec has identified multiple publisher IDs on the Android Market that are being used to push out Android.Counterclank. This is a minor modification of Android.Tonclank, a bot-like threat that can receive commands to carry out certain actions, as well as steal information from the device. For each of these malicious applications, the malicious code has been grafted on to the main application in a package called “apperhand”. When the package is executed, a service with the same name may be seen running on a compromised device. Another sign of an infection is the presence of the Search icon above on the home screen."

The post itself was pretty basic and, as an Android user myself, good to know. But the PR pitch took it to a more dramatic level:

"The 1 million to 5 million combined downloads of the 13 different app titles this malware hides behind indicates just how widespread this mobile malware is."

Other security vendors pushed back on the claim, most notably Lookout Security. In an interview with Computerworld scribe Gregg Keizer, Tim Wyatt, a principal engineer with Lookout, said that Symantec had "significantly overblown" the story by labeling the apps as Trojan-infected, and added that its rival had been "a bit premature" in coming to its conclusions.

Yesterday, Symantec backed off its original claims.
In the follow-up story, Keizer wrote:

Symantec has backtracked from assertions last week that 13 Android apps distributed by Google's Android Market were malicious, and now says that the code in question comes from an aggressive ad network that provides revenue to the smartphone programs.

The security firm's new stance was in line with that taken by Lookout Security, which on Friday questioned Symantec's conclusions and instead said that the apps displayed the same behavior as others funded by 10 or more similar ad networks.

Symantec dubbed the code embedded within the 13 apps Android.Counterclank and classified it as a Trojan horse, or malware. According to Symantec's researchers, the malware was a variation on "Android.TonClank," called "Plankton" by researchers at North Carolina State University, another Trojan first uncovered in June 2011.

The apps containing the Android.Counterclank code had been downloaded between 1 million and 5 million times, said Symantec, which used the Android Market's own published numbers to arrive at that range. That made it the "largest malware [outbreak] on the Android Market," Kevin Haley, a director with Symantec's security response team, said in an interview last Friday.

In a blog post Monday, Symantec retracted its earlier allegations and said that the Android.Counterclank code comes from an SDK, or software development kit, distributed to "third parties to help them monetize their applications, primarily through search."

An honest mistake on Symantec's part? Perhaps.

Whatever the case may be, security vendors everywhere should view this as a teachable moment. Specifically, when reporting malware, they need to keep the drama level low.

Otherwise, when something truly big and nasty appears, nobody's going to pay attention when the vendor who over-hyped the last threat comes out with a warning for the new one.

It's the classic boy who cried wolf syndrome.