The e-mail account of a high-profile Tibetan activist was hacked and used to send targeted attacks to other activists and human rights advocates. The attack e-mails had an APK attachment a malicious program for Android. The Trojan waits for incoming SMS messages (the alarmReceiver class) and checks whether these messages contain one of the following commands: sms, contact and Location If one these commands is found, then the malware will encode the stolen data with Base-64 and upload it to the command and control server.”]
Source: https://securelist.com/android-trojan-found-in-targeted-attack-58/35552/