The Gunpoder Android malware has co-opted a Nintendo NES game emulator and hides inside the Airpush ad library, researchers at Palo Alto Networks said. The malware is crimeware, and the attackers objective is profit by running up premium SMS charges, as well as charging the victims for access to the app and its cheat feature. The attackers are seeding the emulator with an aggressive ad library called Airpush, and hiding malicious behaviors such as the collection of device and user data and communication with an attacker s server.
Source: https://threatpost.com/gunpoder-android-malware-hides-malicious-behaviors-in-adware/113654/