Re: no additional clicks
If it was a silent install, then the story should mention which exploit it uses to get around the standard settings of only installing from approved sources (Google Play Store) or signed files.
If it is getting around the standard security, then the article should state this, as this would be a real problem. If it requires the user to turn off the safety features to install the .apk (which they would normally have to do), then it is a bit of a non-story, but the article should warn that users who have deliberately disabled the standard policy to install an app from an unknown source should turn the setting back on afterwards...