Been meaning to download the latest version of Angry Birds, but haven’t quite gotten around to it yet? If you’re downloading the app from an unofficial store, be aware that you may not be getting what you hoped for.

According to the security firm Sophos, there is a botnet masquerading as Rovio’s latest title. The trojan, according to the firm, looks like a fully functional version of the game, but has a hidden exploit that installs bad code into your smartphone. Once that code is in place, the firm wrote, it will try to install more malware on the affected phone.

This is just the latest example highlighting the need for smartphone users to be careful about where they get their apps. Before downloading an app, always take a couple of seconds to research the app’s publisher and read the reviews before installing it on your phone. Also, be sure to read the permissions on an app before you download it. If there’s something you’re not comfortable with in the permissions, it’s probably not worth downloading.

The best way to weed out bad apps up front, though, is to only download apps from trusted sources such as Google Play or Apple’s App Store. Not all third-party marketplaces are bad — some really great apps come from alternative markets — but users have to be aware of the risks before they hit “download.”

Related stories:

Apple works on malware detection, removal tool

For Commerce unit hit by computer virus, hardship of being unplugged has upside

Protecting yourself from shady apps