Analysis of the SoumniBot Android banker
released on 2024-04-17 @ 08:15:41 PM
A new Android banking Trojan called SoumniBot has been discovered targeting Korean users. The malware uses unique obfuscation techniques to evade detection, including exploiting bugs in how the Android manifest file is parsed. Once installed, SoumniBot steals sensitive data such as contacts, messages, and banking certificates, and can receive commands from a command-and-control (C2) server.