I came across this blog post and I think we should all be aware of the ad network that is behind this.
Ad Vulna: A Vulnaggressive (Vulnerable & Aggressive) Adware Threatening Millions | FireEye Blog
I for one, would not like my apps to have this sdk, but I am not sure to which ad network reference is made.
Since the article talks about contact info being collected etc. - that could refer to any of the apps which have contact reading permission - are they the phone call caller id ad network (what’s it’s name) ?
It mentions the ad network SDK having ability to check installed apps - that is present in TapContext - which does that “virus check” (though it is done locally those lists could be uploaded to their server).
As noted by others before - an app CAN check for the installed apps WITHOUT requiring any special permissions
While the advisory mentions that the ad network can use the camera also - this seems to be an opportunistic use (i.e. if permissions allow it it maybe able to use the camera - say if the ad network SDK is used in a camera app ?).