This is a companion discussion topic for the original entry at https://neat.tube/w/7MDHSaxCC2Uznq1jU819EJ
"One critical step in the infection is the acquisition of permissions to use the Accessibility Services, which are subsequently abused to automatically grant the spyware more permissions.
These additional permissions enable the spyware to access to the victim’s contacts list, SMS, call logs, external device storage, and fetch precise GPS location data from the infected device."
Remember folks, if you grant a dubious chat app dangerous permissions like accessibility, no security measure signal or simplex or whatever can save you. Be very very careful about the permissions you grant, even to legitimate apps, only give each app the most necessary permissions it needs to function, and practice minimalism or using as few apps as humanly possible. Also make sure these are legitimate apps from known devs, and try to use open source apps that don’t require Internet access permission whenever possible.