Google should seriously consider using a similar approach to what some of the major Linux Distros use when adding [packages to their repositories. Let devs submit apps to the store, but let the apps go through a testing phase with users who choose to be alpha and beta testers, before they are added to the market for public consumption. in this way the testers are able to uncover bugs and potential problems with apps before they are released. It doesn't mean that everything will be caught, but it should drastically cut down on this kind of malware.