Once you have a piece of malware sitting in the Google Play store, it would be remiss not to use the services available in the Android ecosystem to aid your nefarious activities.
"This makes it quicker and cheaper to manage infected Android devices, simply by registering on the Google service," Kaspersky said in a statement.
The company has found a number of malware samples that use GCM, with one, dubbed Trojan-SMS.AndroidOS.OpFake.a being able to send text messages, steal messages and contacts, create shortcuts to sites, and show notifications that advertise other pieces of malware.
"It would be strange if virus writers were not taking advantage of the opportunities offered by this service," said Roman Unuchek, senior malware analyst at Kaspersky Lab.
"The only way to block these channels of communication between the virus writers and their malware is to block the accounts of those developers whose IDs are used when registering malicious programs. We have informed Google about the detected GCM-ID, which are used in malware."
Kaspersky Lab admits that while the number of malware apps using GCM is low, some are widespread in Asia, Western Europe, and former Soviet bloc countries.
While Android is dominating the number of handsets sold across the world, it also claims the highest number of malware apps available.