I’ve posted in various ways about the threat of Apps having more privileges than they should have (example a flashlight app seeing your phone contacts) as well as Apps having malicious code (example the flashlight app dumps your contacts to a threat actor). This topic isn’t new however, it still is a major concern for most since it’s hard to really understand the risk associated with the thousands of apps that live on the average user’s phone.
Techcrunch posted an example of big players taking down apps identified as malicious HERE. The research from Kaspersky found the apps and based on their notifications, had such apps taken off the Google and Apple stores.