Study: Google Play is riddled with thousands of data-stealing counterfeit apps June 24, 2019 https://thenextweb.com/security/201...-thousands-of-data-stealing-counterfeit-apps/
That's why it's best to limit the amount of installed apps. And it's not even clear if you can trust legitimate apps. Because from what I understood, apps can read data from other apps. That's why I don't do online banking on mobile phones.
I don't have enough knowledge about how android works cuz I don't use my phone that much, BUT this is looking really bad for basically any phone not bought in like the current or maybe last year. Manufacturers are like "why should we update that phone bro, you already gave us your money, loser" With google play known as being quite secure, you can at least hope that it will protect u from malicious apps even with outdated android (like 6.0.1, for phones bought around this time in 2017) and lacking security patches, as long as you don't download apps with like 200 downloads, BUT it seems like this might not be the case
Actually, seems like I have discovered something new about Android's wacky security. Yesterday I decided to install the Yahoo Mail app on my smartphone, and to my surprise it was able to auto-login to my account, it didn't even ask for username and password. I wondered how this was possible, and the only thing I could think of is that I had already logged in to Yahoo Finance which is a completely separate app. In other words, seems like even legitimate apps can somehow get access to usernames and passwords stored by other apps. At least, this is what I assume at the moment, there may be another explanation.
