In Android world, sometimes you can’t stop malware from “serving” you, especially when the “service” is actually a malicious Android class running in the background and controlled by a remote access tool (RAT). Recently, FireEye mobile security researchers have discovered such a malware that pretends to be a “Google Service Framework” and kills an anti-virus application as well as takes other malicious actions.
more here.........http://www.fireeye.com/blog/technical/malware-research/2014/07/the-service-you-cant-refuse-a-secluded-hijackrat.html
more here.........http://www.fireeye.com/blog/technical/malware-research/2014/07/the-service-you-cant-refuse-a-secluded-hijackrat.html