Researchers have discovered a number of malicious Android apps are using Google s Cloud Messaging service and leveraging it as a command and control server to carry out attacks. Researchers found 1,000,000 different OpFake installers disguised as games. AndroidOS.Agent.ao is being peddled as a pornography app and while with only 300 installers, is substantially less popular than FakeInst., can still can use GCM to send text messages and issue notifications. Google has been notified of the developers in question.
Source: https://threatpost.com/android-malware-exploiting-google-cloud-messaging-service/101996/