So far, I'm only aware of
one. Really though, as a Linux-based OS, Android is ridiculously protected considering its open nature. Unless you root, I'm fairly certain it's impossible for a virus to
physically harm your phone.
Accessing the data on it, however, is another matter. The system is only as safe as the user, and that means you have to keep an eye on the permissions requested each time you install an app, or at least
check them every once in a while. If you see a comment saying, "Why does it need access to _____?", then you should avoid that app unless the developer replies or has an answer to that question on their website, and you trust that developer.
Of course, you need to learn to the difference between trustworthy and untrustworthy developers, as well. I find that a website with a forum and/or decent FAQ is a good measure of a developer's trustworthiness. People don't realize it, but malicious coders are lazy people counting on the laziness in others. They rarely take the time to set up a website with a forum or write a decent FAQ. There's also the non-malicious developers with little interest in updating their apps after they make money off of them (the guy who made psx4droid comes to mind). They usually have a blog, but they go for months without answering questions (if they're answering questions, a blog is fine).
If you spot an app with a website that has a good FAQ or a forum with
any regular members, though, you're probably good to install/buy the app. Tasker's Pent would be a prime example. I can't remember the last time I saw a developer so engaged.