KorBanker is a malicious Android app that has been known of by security researchers for about a year now. Rearing its ugly head primarily in Korea, KorBanker disguises itself as a legitimate banking app that, once installed, steals a user's banking credentials. Security pros who have been researching this app have recently discovered that KorBanker has also been stealing SMS messages from devices. Researchers who were conducting an analysis of one of KorBanker's command and control servers uncovered a database of text messages that included quite a few passwords and authentication codes. Passwords and codes for things like Facebook, VPN passwords, and Google two step verification codes. As previously stated, for now KorBanker has been most prevalent in Korea, however it doesn't take much of a leap of the imagination to see something like this pop up in the good ole U.S. So allow me a moment to beat on the same dead, rotten horse I've been smacking around for a while now: BE CAREFUL ABOUT WHAT APPS YOU INSTALL!! Especially apps that you install from sources other than the Play Store. But be careful with those too. Seriously. Read more about KorBanker.
Source: CSOOnline.com (thanks cmh714!)