BinaryXML format in Android is heavily abused by malware authors
To have a more detailed look at the technical details of this flaw, you can download our White Paper here.
ThreatFabric's analysts observed a rise in numbers for mobile banking Trojans abusing a flaw in the Android source code and the way it processes application files, which allows to install applications with malformed contents on Android devices.
Article Link: Mobile banking Trojans abuse Android BinaryXML format to avoid detection