An Android banking trojan is requesting users to whitelist its process against the Android Doze power saving module in order to stay connected to its command and control (C&C) servers and continue its malicious behavior. Doze is a battery power-saving component that Google added to Android 6.0 Marshmallow. The trojan’s creators have added a new mechanism to bypass Android’s Doze component. The permission’s “danger”” level doesn’t trigger a warning from the OS. Once the app where the trojan has been hidden requests this permission
Source: