According to a cyber-security company Pentest report, a top 20 popular app on Google Play store has been surreptitiously stealing users' data without their permission.
This app is called Flash Keyboard, a replacement for Android's stock keyboard.
Pentest's investigation showed that Flash Keyboard has been uploading user information to various servers located in China, United States and the Netherlands.
This information included GPS locations, email address and the data on nearby Bluetooth devices.
After the report had been published, Google has removed the app from Google Play store. However, the developers uploaded a new version called Flash Keyboard - Lite.
We recommend to immediately uninstall Flash Keyboard or Flash Keyboard Lite if they're installed on your Android phone.
Protect your data and follow our guides to maintaining your phone secure.