Since the article talks about contact info being collected etc. - that could refer to any of the apps which have contact reading permission - are they the phone call caller id ad network (what’s it’s name) ?
It mentions the ad network SDK having ability to check installed apps - that is present in TapContext - which does that “virus check” (though it is done locally those lists could be uploaded to their server).
As noted by others before - an app CAN check for the installed apps WITHOUT requiring any special permissions
While the advisory mentions that the ad network can use the camera also - this seems to be an opportunistic use (i.e. if permissions allow it it maybe able to use the camera - say if the ad network SDK is used in a camera app ?).