In the recent DEF CON Meet, technical director of security shop Endgame Hyrum Anderson disclosed a research paper on adapting API frameworks in building a malware that AV engines cannot identify. The core function of the system is to build a legitimate looking app by making minor changes to the original app that can avoid AV detections.
Read full news article on GBHackers