Check Point Research has recently discovered a group of Android applications massively harvesting contact information on mobile phones without the user’s consent. The data stealing logic hides inside a data analytics Software Development Kit (SDK) seen in up to 12 different mobile applications and has so far been downloaded over 111 million times.

https://research.checkpoint.com/operation-sheep-pilfer-analytics-sdk-in-action/