Google finds spyware on the Play Store: it had access to Facebook, LinkedIn, and even Telegram
Yeah, that sounds scary. The good news is that the exploits that Tizi was using have been patched long ago, with the April 2016 Android security patch. The bad news is that, as we know, there are millions of older Android phones out there that just don't get updates.
According to Google's data, Tizi apps were mostly downloaded by users in Kenya. A very small percentage of US users also got them. After discovering the exploit, Google deleted the apps, suspended the developers' accounts, and sent a warning message to all devices that were presumed infected. Google Play Protect has also been updated to more effectively detect Tizi-based malware.
source: Google
Things that are NOT allowed: