F-Secure experts have found what they believe to be a new variant of the old Zsone Android malware. It's not completely different from the previous Trojan, but this may hint that a new version is currently being developed.
The sample they’ve identified uses the native component for sending SMSs, but the interception routine that allows the cybercriminals to prevent the broadcasting of the command messages seems to have been changed.
If the previous Zsone managed to make its way into the official Android Market, researchers hope that this new variant will not reach Google Play.
“One wonders about the motivation of this development. We can see several possibilities of how the malware could utilize this new technique. Perhaps to defeat Google's Bouncer?” Zimry of F-Secure wrote
This particular SMS Trojan has been labeled as Trojan:Android/Zsone.C.