A chat app for Android claiming to be a secure messaging platform comes with spying functionality and stores user data in an unsecured location that is publicly available. Welcome Chat targets users from a specific region of the world and relies on open source code for recording calls, stealing text messages, and tracking. The developers of Welcome Chat promoted it as a secure communication solution that is available from the Google Play store. The app asks for permission to send and view SMS messages, access files, access contacts and access device location.
Source: https://www.bleepingcomputer.com/news/security/android-chat-app-uses-public-code-to-spy-exposes-user-data/