A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure.
The malware is « notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest, » Kaspersky researcher Dmitry Kalinin said in a technical analysis.