The capillary diffusion of mobile devices, the lack of security systems on these platforms and low level of awareness on principal cyber threats made them a privileged target for cybercrime. Group-IB Forensics Lab detected mobile-banking malware through Google Play by Sberbank request (Russian leading national bank). The malware establishes the function for sending and receiving SMS-messages using the following event handler: Messages are processed and stored in the appropriate format in a file called messages.txt and can be sent to the above remote server.
Source: https://thehackernews.com/2013/01/dissecting-mobile-malware.html