The new malware uses SMTP to send the data it steals to the perpetrators. It appears the origin of this malware has its roots in China. It first appeared in August.
It collects phone numbers, sent and received SMS messages and recorded audio. Once this information is collected it is put into an e-mail and then uses SMTP servers such as smtp.gmail.com, smtp.163.com and smtp.126.com to e-mail the information to the perpetrators. The malware looks like a Google service so it is not detected unless you are specifically looking for it.
Be careful what you download for you your android, especially from untrusted websites.