The Android flashlight button is now so commonly used that Google’s started to build new ways to access the feature. But for those users that aren’t so savvy as to have deleted all the old flashlight apps of the past, there still may be a bit of danger.
A study by Avast found that a surprising number of flashlight apps request an unnecessary amount of permissions, sometimes up to 77 of them. When given, these permissions have allowed the apps to do actions such as reading contact lists or recording audio. It’s not currently clear whether all flashlight-related apps have accessed permissions on Android devices for malicious purposes, but it would seem that some have done just that. Some of the shadiest of these flashlight apps were pointed out by Avast, including Ultra Color Flashlight, Super Bright Flashlight, and Flashlight Plus.
Android users aren’t the only ones who need to be cautious, though. Some iPhone flashlight apps also make ridiculous permissions requests, as noted by an investigation run by Wired back in 2014. Flashlight apps appeared to be requesting permission to track an iPhone’s location, use the camera, or read the device’s calendar. Over the past few years, it’s become far less likely that an average iPhone user would be duped by a flashlight app, especially since all modern iOS devices have a flashlight button that comes standard.